Jump to content
Sign in to follow this  
Nat

Beware: forum password stolen, probably by hacker

Recommended Posts

Someone stole my password for this forum, and I'm afraid they may have stolen other people's as well.

 

I received an email that included my password for this forum. As in, my password was in the title and in the text of the email. No, it's not a "word" that could have gotten there randomly. The email says it's a password of mine (correct) but does not name this site or my username. No, I don't use the password on any other sites. No, I didn't tell it to anyone. That's why I think someone hacked into the password storage of this forum.

 

Of course I promptly changed my password, and I am quite sure there is no keylogger on my computer. It does not look like anyone logged into my account.

 

The email is trying to get money ("send me money or I'll tell all your contacts something embarassing"). I'm not sending money, I'm not replying to it or following any links, and what they will "tell" is made up anyway--they gave enough details for me to be sure they are making it up.

 

Just wanted to warn folks, in case other passwords were stolen as well.

 

--Nat

Share this post


Link to post

I received the same 'blackmail' email attempt a few months ago, it's becoming more common as more data breaches occur and information is sold or shared repeatedly. The blackmailer generally doesn't know which site the password was used for, which is why they don't name your username or anything else that matches you. However all the people I know who got the same kind of email were hit by old and publicly known data breaches. For example the password they named to me was totally legit but was from a site that I hadn't used in over a decade and well before I played DC. How long did you use that specific password for? I'm curious if it's an old one or if you changed to it recently before it was discovered, could help set a timeline.

 

Have you tried contacting the site owner as well? @TJ09 just in case

Share this post


Link to post

I get these all the time. A lot of the time it's not even a current password. It's also just an automated bot sending them in various levels of broken english and different phrasing.

 

Best thing to do is ignore them; you're good.

Share this post


Link to post

Posted (edited)

This site may or may not be able to tell you around what time your email/password combo was leaked where (it'll only ask for the email address used so it can query its database) :

https://haveibeenpwned.com/

(though chances are that it's been rotating through dealers for too long to tell - my OLD forum mail/password was in that big Collection #1 pile, too)

Edited by Ruby Eyes

Share this post


Link to post

Thanks, everyone.

No, I don't know when I last changed my password, but it might indeed have been before 2017. In that case, I guess this is just a warning to anyone else with an equally old password to change it :)

 

--Nat

Share this post


Link to post

Also, I guess, to pay attention to warnings in the news forum...

Share this post


Link to post
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.