UK events and publishing outfit Incisive Media today urged subscribers to change their account passwords after it found an open port on a server had left it exposed to a buffer overflow or another remotely exploitable vuln. “We are sorry to inform you of a potential breach of security that may have resulted in the unauthorised disclosure of your log-in details to CRN,” the company stated in an email seen by The Reg. “One of our service providers stored your login details for your CRN account on their server. The login details stored included the customer's name, email address and password in an encrypted form, “no one has access to any other personal data from this breach”, the mail reassured. “Our partners have removed the information from that server and have undertaken a full audit and introduced additional steps to ensure your data is not accessible. Though Incisive said it did not believe the “data breach” met the threshold to be reported to the Information Commissioner’s Office, it had informed the UK’s data watchdog anyway.