
Check your email address(s) and passwords for cyber security breaches


Halcyon:
Good morning all,

A few of you may have noticed some user accounts posting spam on the forum, where they previously seemed to make legitimate posts. These are different to the normal spammers who create new accounts, foolishly attempt to make them seem genuine but then end up posting spam.

I checked the registered email addresses of all these users (just a small handful at this stage) and all but one have been compromised in a known data breach involving one or more third parties.
Before anyone panics, it's important to stress that the breached sites/services do not include EEVblog, the forum or anything connected to Dave.

I think this is a timely reminder to review your cyber security practices and check your email address(es) and passwords against known leaks. https://haveibeenpwned.com is an excellent resource for this. Troy Hunt (who created/runs HIBP) is a well-known and reputable Australian cyber security professional. This site is totally legitimate and is a valuable resource for checking your email addresses and passwords against a list of known leaked data.

A lot of breaches occur when people use the same passwords across multiple platforms, so when one site is breached, threat actors can gain access to multiple sites/services you use. In terms of a secure and reputable password manager, I personally use BitWarden, but if you're the type of person who doesn't want their credentials "in the cloud", KeePass is a great offline alternative.

You may also consider using 2FA/MFA on your forum account. You can enable this by going to Account Settings > Modify Profile > Two-Step Authentication.

SeanB:
Thanks, done over 3 times. First my metro, then Gravatar (where I do not even remember having actually used it either...), and finally Patreon.

Now waiting to see if the latest will show up there now.

RoGeorge:

--- Quote from: Halcyon on January 11, 2023, 10:44:49 pm ---
I think this is a timely reminder to review your cyber security practices and check your email address(es) and passwords against known leaks. https://haveibeenpwned.com is an excellent resource for this. Troy Hunt (who created/runs HIBP) is a well-known and reputable Australian cyber security professional. This site is totally legitimate and is a valuable resource for checking your email addresses and passwords against a list of known leaked data.
--- End quote ---

You think wrong.  To give such advice you have to be either very gullible, or maybe malicious.


To put personal data in a webpage, because "trust me, that's safe", is the worst idea ever.  To check passwords in somebody else's webpage, dumbest idea ever.  Why would anyone trust an online place?


Also, Halcyon, please do not use users' emails for your experiments, or other users' personal data.  Not without written consent.  Nobody named you to check the status of my email.

I have already enough spam without you putting my email in some "totally legitimate" online webpage.

Whether you realize it or not, you did a childish thing from a security standpoint.  You probably abused your admin privileges, too, by putting everybody's email in who knows what online database(s).  Please don't do that again.

JohanH:
I don't know what to say, but RoGeorge got practically everything wrong in his post here... (at least if nothing was edited away in Halcyon's post, because the answer doesn't make sense).

JohanH:
haveibeenpwned.com is perfectly legitimate. You don't enter your password there, you just enter your email address and it looks up whether your address is part of leaked data. This leaked data comes originally from hacker forums and is now practically public data.

E.g. when I enter my email, it says my email has been part of the following leaked data:

"Adobe: In October 2013, 153 million Adobe accounts were breached with each containing an internal ID, username, email, encrypted password and a password hint in plain text."
"Dropbox: In mid-2012, Dropbox suffered a data breach which exposed the stored credentials of tens of millions of their customers."
"Twitter (200M): In early 2023, over 200M records scraped from Twitter appeared on a popular hacking forum. The data was obtained sometime in 2021."

and a couple more.

I have been careful enough to use different passwords in different places, so if one place is hacked, they can't log in to my other services. Also, when receiving notice from haveibeenpwned.com I've been quick to change the password and turn on 2FA on the sites that have been breached.
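Halcyon's post mentions checking passwords (not only email addresses) against known leaks. HIBP's Pwned Passwords range API does that with a k-anonymity scheme: the client hashes the password locally with SHA-1 and sends only the first five hex characters; the server answers with every suffix it knows for that prefix, and the match is made on the client. The following is an added example, not code from the thread or from HIBP; the corpus and counts are constructed so it runs offline, with a stand-in fetcher in place of the real HTTP request.

```python
import hashlib
from typing import Callable, Dict, List, Tuple

# Real endpoint shape: only the 5-char SHA-1 prefix ever appears in the URL.
HIBP_RANGE_URL = "https://api.pwnedpasswords.com/range/{prefix}"


def sha1_prefix_suffix(password: str) -> Tuple[str, str]:
    """Hash locally and split the 40-hex digest into the 5-char prefix that is
    sent and the 35-char suffix that never leaves the client."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range_response(body: str) -> Dict[str, int]:
    """Parse the 'SUFFIX:COUNT' lines a range lookup returns."""
    counts: Dict[str, int] = {}
    for line in body.splitlines():
        line = line.strip()
        if not line:
            continue
        suffix, _, count = line.partition(":")
        counts[suffix.upper()] = int(count)
    return counts


def pwned_count(password: str, fetch_range: Callable[[str], str]) -> int:
    """Number of times the password appears in the corpus (0 = not seen).
    fetch_range(prefix) returns the response body for that prefix."""
    prefix, suffix = sha1_prefix_suffix(password)
    return parse_range_response(fetch_range(prefix)).get(suffix, 0)


# Constructed stand-in corpus (passwords and counts are made up for the demo).
CONSTRUCTED_CORPUS = {"password": 3730471, "letmein": 265, "hunter2": 17}


def make_offline_fetcher(corpus: Dict[str, int], seen_prefixes: List[str]):
    """Mimics the server: returns only suffixes that share the requested prefix
    and records every prefix asked for, so we can show what left the client."""
    def fetch_range(prefix: str) -> str:
        seen_prefixes.append(prefix)
        lines = [f"{s}:{n}" for pw, n in corpus.items()
                 for p, s in [sha1_prefix_suffix(pw)] if p == prefix]
        return "\r\n".join(lines)
    return fetch_range


if __name__ == "__main__":
    sent: List[str] = []
    fetch = make_offline_fetcher(CONSTRUCTED_CORPUS, sent)
    for pw in ("password", "correct horse battery staple"):
        print(f"{pw!r}: {pwned_count(pw, fetch)} hits, prefix sent: {sent[-1]}")
```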
