Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • September 29, 2016, 11:58:43 AM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: I have been pwned  (Read 3869 times)

Curt

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 7,043
    • View Profile
    • Donate to Member
I have been pwned
« on: December 09, 2013, 07:55:07 AM »
I am one of the 153,962,421 people who has been "pwned" via Adobe by hackers.
It only takes a couple of seconds to check if you too have been "pwned":
Go to haveibeenpwned and type in your email address, and the answer is ready!

First go to gizmo at http://www.techsuppo...-check-instantly.htm to get the proper haveibeenpwned link, and instructions on what to do if you too have had your email address and log-in details stolen via Adobe :

This is the answer you don't want to get:

2013-12-09_144529.gif

Quote from: techsupportalert
Are Your Details Among 154 Million Stolen Accounts? Check Instantly
Updated 8. December 2013 - 4:23 by rob.schifreen

There's been a number of high-profile system hacks over the past couple of years, against companies such as Yahoo, Adobe and Sony.  In hacker terminology, these accounts are now owned, or "pwned", by the attackers, which means that the usernames, passwords and email addresses behind them can be used for illicit purposes.

Hackers often like to publicise their discoveries, and the databases of hacked, stolen passwords were uploaded for all to see.  This allowed the people behind a rather useful website to create a searchable copy of the list, so that you can check whether your details appear on a list of some 154 million stolen online accounts and email addresses.

To find out whether your details do indeed appear on any of those stolen lists, just head to haveibeenpwned and type in your email address on the home page.  If that address is among any of the lists of stolen accounts, you'll be warned straight away.

If you do get informed that your details were among those stolen, your next course of action depends on whether the password you used on that system was unique.  If it was, log into that system and change the password as soon as you can.  Or delete the account entirely.  More importantly, if you used the same password on other sites, you need to change your password on all of those sites too.  Assuming it's not too late and a hacker hasn't already done it for you.
http://www.techsuppo...-check-instantly.htm

Innuendo

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 2,255
    • View Profile
    • Donate to Member
Re: I have been pwned
« Reply #1 on: December 09, 2013, 10:48:13 AM »
First, some would argue that with Adobe's strange policies, weird non-standard UIs, and exorbitant pricing that Adobe pwned their customers long before any hackers came along.

Second, while the steps you outlined are a good start, they are unfortunately just the start of the battle. You are going to want to contact the three credit card reporting agencies (Experian, TransUnion, and EquiFax) to flag your credit reports. You're then going to want to contact your bank(s) and all of your credit card issuers so they can flag your accounts there as well. If you're extra cautious/paranoid you may want to consider subscribing to one of the many credit monitoring/identity protection services that will help you detect any impending fraud as quickly as possible. There may be other things you will want to do as time goes on to tweak the process, but getting those flags in place are the first line of defense towards protecting your identity, your credit rating, and your bank account.

When a security breach like this happens, it's rarely told what the gap of time is between when the incident occurred and when it was detected & reported. Who knows how much time the hackers had to sift through that data and start using it before the whistle was blown on them?

I used to work for one of the largest credit card processors in the world. If you knew what I knew about credit cards you'd never use one again.  ;D

TaoPhoenix

  • Supporting Member
  • Joined in 2011
  • **
  • Posts: 4,548
    • View Profile
    • Donate to Member
Re: I have been pwned
« Reply #2 on: December 09, 2013, 10:51:46 AM »
That's useful Curt.

So far my accounts are safe! ... So far!


MilesAhead

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 7,164
    • View Profile
    • Miles Ahead Software
    • Donate to Member
Re: I have been pwned
« Reply #3 on: December 09, 2013, 10:57:00 AM »

Quote
I used to work for one of the largest credit card processors in the world. If you knew what I knew about credit cards you'd never use one again.

"Laws are like sausages, it is better not to see them being made."

Otto von Bismarck

I guess we should amend this to:
"Credit cards are like laws  and sausages, it is better not to know how they're made."

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,265
    • View Profile
    • www.StoicJoker.com
    • Donate to Member
Re: I have been pwned
« Reply #4 on: December 09, 2013, 11:20:00 AM »
That's only because they're not making sausage out of a lawyer ... Then everybody would want to watch.

MilesAhead

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 7,164
    • View Profile
    • Miles Ahead Software
    • Donate to Member
Re: I have been pwned
« Reply #5 on: December 09, 2013, 11:41:44 AM »
That's only because they're not making sausage out of a lawyer ... Then everybody would want to watch.

Perhaps you should pitch it to TruTV?  Sounds like a winner.  :)

mwb1100

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,515
    • View Profile
    • Donate to Member
Re: I have been pwned
« Reply #6 on: December 09, 2013, 12:06:49 PM »
Second, while the steps you outlined are a good start, they are unfortunately just the start of the battle. You are going to want to contact the three credit card reporting agencies (Experian, TransUnion, and EquiFax) to flag your credit reports.

Did the Adobe breach disclose credit card information, too?  I hadn't heard that.

cyberdiva

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 977
    • View Profile
    • Donate to Member
Re: I have been pwned
« Reply #7 on: December 09, 2013, 12:51:44 PM »
My email address (well, one of them  :) ) was on the pwned list, but I don't think I'll worry about it or take any action.  The password I used is one I used only on that site, so it won't do anyone much good.  And the credit card I used when I bought something several years ago was cancelled long ago.  Thus, I think the worst anyone could do with my information is send spam by faking the pwned email address, something that's been done before and is probably not worth their time.    

tomos

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 10,251
    • View Profile
    • Donate to Member
Re: I have been pwned
« Reply #8 on: December 09, 2013, 01:35:17 PM »
Second, while the steps you outlined are a good start, they are unfortunately just the start of the battle. You are going to want to contact the three credit card reporting agencies (Experian, TransUnion, and EquiFax) to flag your credit reports.

Did the Adobe breach disclose credit card information, too?  I hadn't heard that.

This (znet) gave the impression that it was:

The Znet article says:

Quote
Adobe is resetting the passwords on breached Adobe customer IDs, and users will receive an email if they are affected. The software giant is also currently notifying customers whose credit or debit card information was exposed.

so it sounds like maybe only some people's CC info was taken :-\
Tom

4wd

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 4,407
    • View Profile
    • Donate to Member
Re: I have been pwned
« Reply #9 on: December 09, 2013, 06:20:18 PM »
Bah!  I don't trust that site, of the 14 gmail accounts I use not one appeared on there ... I'm going to have to try harder  :mad:

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 7,650
    • View Profile
    • The Blog of Deozaan
    • Read more about this member.
    • Donate to Member
Re: I have been pwned
« Reply #10 on: December 09, 2013, 06:53:12 PM »
I got a match... from the Gawker hack back in 2010. I already knew about that one. I started using LastPass after that happened.


Innuendo

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 2,255
    • View Profile
    • Donate to Member
Re: I have been pwned
« Reply #11 on: December 10, 2013, 09:48:29 AM »
Did the Adobe breach disclose credit card information, too?  I hadn't heard that.

Even if the breach had not disclosed credit card information, if users use the same login credentials on other sites, these criminals could theoretically log into these other accounts and build up quite a dossier of information on the person making it very easy for identity theft. Picture a criminal using your vital information sending out credit card applications to the four winds. That would not be a mess anyone would want to clean up.

J-Mac

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 2,913
    • View Profile
    • Donate to Member
Re: I have been pwned
« Reply #12 on: December 11, 2013, 09:40:42 PM »
I just entered my five most used email addresses and only one - my Gmail address - was pwned on one site - Gawker, from that major hack they suffered last year. However I changed my password since then plus started using Google's two-step authentication, so hopefully I'm good.

The only negative they mentioned about the Gawker hack is that a lot of folks are receiving Acai berry spam! Haven't gotten any of that.

Thanks!

Jim

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 7,650
    • View Profile
    • The Blog of Deozaan
    • Read more about this member.
    • Donate to Member
Re: I have been pwned
« Reply #13 on: December 11, 2013, 09:50:38 PM »
The only negative they mentioned about the Gawker hack is that a lot of folks are receiving Acai berry spam! Haven't gotten any of that.

They said that people who used the same info for the Twitter accounts inadvertently Tweeted acai berry spam. (Accounts were hijacked to send the spam.)

I've gotten all sorts of spam since the Gawker hack. I used to only get maybe 15 spams a year to my account. But since the Gawker hack, I get 2-3 per day. It sucks. )c:


J-Mac

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 2,913
    • View Profile
    • Donate to Member
Re: I have been pwned
« Reply #14 on: December 11, 2013, 10:43:06 PM »
My spam is pretty well filtered. Even so, it hasn’t increased noticeably. Lucky I guess.

Jim