Site Breach - CREDITKARMA.COM also Breached @ Same Time

Status
Not open for further replies.

xkeyscore89

Distinguished
Feb 27, 2015
7
0
18,510
EDIT: CREDITKARMA.COM ALSO BREACHED within last 24 hours, sorry I didn't see the sticky about security vulnerabilities until I posted this
Just got a notification from google that this site was breached and my password and email were compromised. I just noticed this feature on Chrome's settings and it wll automatically check stored passwords against known data breaches. I had a few but I'm letting sites know that I care about that this happened in case the admins or users are not aware.

EVERYONE CHANGE YOUR PASSWORD......TOM'S HARDWARE PLEASE GET YOUR OUTSOURCED IT TEAM ON THIS IMMEDIATELY, IF THIS IS MANAGED IN-HOUSE, YOU NEED TO CHECK LOGS AND RUN PENETRATION TESTING TO FIGURE OUT HOW HE GOT IN.
 

rgd1101

Don't
Moderator
Just got a notification from google that this site was breached and my password and email were compromised. I just noticed this feature on Chrome's settings and it wll automatically check stored passwords against known data breaches. I had a few but I'm letting sites know that I care about that this happened in case the admins or users are not aware.
didn't find anything. Maybe you are the one who got hacked?
 

popatim

Titan
Moderator
It came from Chrome and is part of Google's Safe Browsing feature.
https://support.google.com/chrome/thread/23534509?hl=en

We haven't been hacked that I know of.

@xkeyscore89 the Username & Password combo you used on this site was found as a match in some previous data breach. This means YOU need to change your passwords. It does not mean this site was hacked. This feature ONLY checks the username/pw combo that was used against the list of known 'breached' combos and your's scored a hit. It doesn't even mean it was your account, just that the same ID & PW was used, and breached , somewhere on the net.
 
  • Like
Reactions: rgd1101

rubix_1011

Contributing Writer
Moderator
It came from Chrome and is part of Google's Safe Browsing feature.
https://support.google.com/chrome/thread/23534509?hl=en

We haven't been hacked that I know of.

@xkeyscore89 the Username & Password combo you used on this site was found as a match in some previous data breach. This means YOU need to change your passwords. It does not mean this site was hacked. This feature ONLY checks the username/pw combo that was used against the list of known 'breached' combos and your's scored a hit. It doesn't even mean it was your account, just that the same ID & PW was used, and breached , somewhere on the net.


Yep, correct.

It isn't necessarily the SITE which has the issue, it is YOU (the person) who has the potential breach issue either by username or PW or both.

For example, if you use the combo of 'admin/password123' this is going to flag on a lot of sites, but does not mean the site you used it on was compromised, it means the use of either user, password or the combination of each has been used by you - the user - and you should defnitely change your PW to something strong.
 
Status
Not open for further replies.