Current Events > Just received a iPhone notification about compromised passwords

(+) Yeah! (+)

Ive been using iPhones for 10 years and had no idea this was even a feature until now. But I just got a notification about my passwords for several different websites apparently being high risk of compromise due to appearing in a data leak, and that I should change my password immediately for these websites. Tbh I use basically the same password (with slight variations for some) for every website/app and up until now Ive never thought of it as issue. Should I take this seriously and start changing some passwords?

I got that too just yesterday. How can I tell which passwords? Last time this happened my Amazon account got hacked and someone bought themselves a $100 gift card.

My runescape account prob got hacked that way. I was specifically targeted though

Nothing important tho I guess

I've been making random gibberish passwords for most sites now and storing those somewhere . I Don't reuse shit anymore.

My browser has said that about like every website?

hulkhogan1 posted...

Tbh I use basically the same password (with slight variations for some) for every website/app and up until now Ive never thought of it as issue. Should I take this seriously and start changing some passwords?

You should change passwords just based on the fact that you use the same password for everything.

Yesterday.

hulkhogan1 posted...

Should I take this seriously and start changing some passwords?

Long story short, yes.

It's absolutly crazy how dangerous such leaks are. As soon as an email + password combination is known, it get's tried everywhere sooner or later.

I had such a case a few years ago.

Spammail I used + spam password I used got somehow leaked.

Years later, I used both again for an ubisoft account.

It took 3 hours until someone else logged into it.

I'm not sure if you can check it on Apple, but you can check the login attempts on outlook/microsoft and google accounts.

This shit is terrifying.

(1) https://www.eff.org/dice

(2) https://bitwarden.com/products/personal/ (should be free)

Karovorak posted...

I'm not sure if you can check it on Apple, but you can check the login attempts on outlook/microsoft and google accounts.

Funnily enough, I just stumbled upon that with my Microsoft account last week and saw that there were multiple attempts to log into my account nearly every day. I was a little worried and learned that it's pretty much a normal thing after googling it. Makes me glad I've always used a unique password for most of my accounts, as I don't think I've ever had to deal with anyone stealing any of my accounts over the years.

Now, credit card leaks... that's another story. GameStop once had a data breach and didn't tell anyone about it for months (shocking, I know), in which time someone had used my credit card info to spend $1000+. I got it all back, but it taught me to keep a closer eye on even the accounts I don't normally use. This article I just googled talks a little bit about it and even notes that GameStop didn't notify anyone until a third party made some noise about it:

https://www.retaildive.com/news/gamestop-e-commerce-site-likely-hacked-card-data-potentially-stolen/440085/

Lazy_Haar posted...

Funnily enough, I just stumbled upon that with my Microsoft account last week and saw that there were multiple attempts to log into my account nearly every day. I was a little worried and learned that it's pretty much a normal thing after googling it. Makes me glad I've always used a unique password for most of my accounts, as I don't think I've ever had to deal with anyone stealing any of my accounts over the years.

Yeah, this shit is crazy, and the reason why 2-factor-authentification is so necessary by now.

Every account you have is under attack, 24/7.
This is the reality we live in.

Well I just took the better part of an hour updating passwords for like 30 different websites. Pretty annoying but I feel a little more secure I suppose.