Hacked SDMB

The key question for you is: Does your yahoo email have a unique password?

I’m like you in that all my message board accounts have the same passwords. I really don’t care that they may log into another message board with my credentials. I’m trading reduced security for not having to remember umpteen unique passwords for each random message board.

However, anything important that is linked to my email address or user name used on those message boards has a unique pw not used anywhere else. So my accounts for email, bank, facebook, amazon, etc all have unique passwords. That way if the hackers hack the message board, they won’t be able to use the email/pw or username/pw combination on anything important.

I should clarify, I don’t have anything valuable attached to that yahoo email, either. Bank, Amazon, and the like all have unique, randomly generated passwords, as well as my “real” email account linked to them.

I mean, I’d like to not have my other forum accounts get hacked too, because that’d be a big pain in the butt, but changing my passwords for them all is still a modest pain in the butt. And it wouldn’t net the hackers anything except maybe usernames that I use a bit more frequently but aren’t attached to anything valuable.

Even if you don’t have banking or anything important linked to that email, they will use it to send spam. If they can get the login, they will literally log in to the email account and send spam directly from your account. It sounds like in your case it wouldn’t really matter even if they got access to it (other than some extra spam floating around the internet).

Just a heads-up, I got a suspicious email from China on my account that was exposed by the breach here. This is the first time I’ve ever gotten unsolicited mail on that account. So be aware, it looks like the hackers are now validating whatever info they stole.

I got an attempt to log into my Gmail account from Caracas. Gmail stopped it, whether because the person was using an incorrect password or because they were skeptical that I’m in Caracas is not clear. If the first, might it be someone trying the e-mail address I have on file at SDMB with my old SDMB password?

That sounds possible to me.
Better change the password to 1234567 quickly!

But don’t tell anyone!

I already use that for my luggage.

Then they will never suspect!

The SDMB, Target, now Michaels arts & crafts!

Is everyplace getting hacked?

In addition to Michaels (and their subsidiary Aaron Brothers) the high end store Neiman Marcus (aka Needless Markup) was also allegedly hacked. Unlike the SDMB however, credit card numbers were involved: in the case of Michaels and Target they were apparently skimmed via tampered point-of-sale devices.

What the fuck is going on? Yahoo Mail accounts breached with stolen passwords

I don’t remember seeing so many consecutive hacks into so many sites in my 20 years on the 'net. Seems as if nothing is safe anymore…

Russia and former republics of the Soviet Union have abundant technical talent, underemployment and indifferent law enforcement. Hacking delivers abundant financial rewards. So this burst of criminality doesn’t surprise me. I recommend that my fellow posters protect themselves and regularly visit the website of supercybersleuth Brian Krebs. Because c’mon, stories of RL nonviolent criminality are entertaining.

Firefox told me the site is untrusted.

From the link:

Third party database? What? My yahoo password is stored in a third party database? Why?

Might be (note I said might) a case of stealing a third party database of e-mail addresses together with the passwords for that third party site, filtering for yahoo addresses, and then trying all those third party passwords in yahoo to take advantage of those idiots that have the same password for everything. Would be a good technique for finding lots of valid passwords for any of the more well-secured sites; break into a less secured one and use their ids and passwords as a starting point.

And you get your first username/post combo credit in 13 years! minimum.

Web of Trust gives it a green circle FWIW. And Firefox isn’t giving me any problems. (YMMV and thanks for the report).

Friday’s news: “White Lodging, a company that maintains hotel franchises under nationwide brands including Hilton, Marriott, Sheraton and Westin appears to have suffered a data breach that exposed credit and debit card information on thousands of guests throughout much of 2013, KrebsOnSecurity has learned.”

Also recall that not all companies may promptly report their security breeches, the law notwithstanding. Methinks it’s appropriate to keep a careful eye on one’s finances.

That could be. Thanks.