Thanks to Utilizer for posting the thread.
Posted on 06/21/2016 7:15:50 PM PDT by Utilizer
Online backup company Carbonite is the latest firm to have issued a warning that hackers are attempting to break into its users accounts, and are prompting all users to change their passwords as a result.
An email has been sent to Carbonite users explaining that the attackers are thought to be using passwords gleaned from other recent mega-breaches.
...
Nobody is keen for a hacker to break into their online accounts, but it's especially important when what's being protected by your account is your computer backup. If a hacker were able to gain access to your online backup they could - in theory - make a copy of every file on your hard drive, including those you may have thought were erased long ago.
(Excerpt) Read more at grahamcluley.com ...
I got the note. I dont know who or what to believe or trust anymore.
How can you know someone has not hacked mail and built a dummy site to capture passwords?
Call me paranoid. We have separate computers here in the office that we keep all our company financial and personal data on as well as that of our doctor clients and their patients but they are not connected to the internet. Limits what we are able to do sometimes but we work around it. I am amazed at the number of patients who send us new credit card information via email including the security code on the back of the card.
Thanks to Utilizer for posting the thread.
All you can do is hope. If you're technically oriented, you can check the domain you're sent to, maybe do a WHOIS lookup, find out who does their DNS, etc. Even Windows machines still have the venerable "nslookup" program for checking DNS.
Passwords are going to have to die and be replaced by biometric id or online will have to die.
Im not sure biometric wont be hacked somehow.
Eschew Carbonite.
They are the ones who dumped Rush dud go PC concerns.
Im told a third party was hacked and a ton of passwords stolen. The thiefs are banging away at every place they can hit.
Wonder where they got the passwords? Anybody hear? Ive checked for news. Nobody is saying.
What does this mean in English?
I gave up trying to understand it.
I hate iPad and auto correct.
Dud go = due to
They dropped Rush due to PC concerns.
I’m thinking that “dud go” is the auto-corrected version of “due to”.
Thanks, mate. Appreciate you spreading the word, not doubt. :)
Cheers!
There have been several hacks of login/password data stolen of late. Many coders, hackers, and FReepers are aware of it and broadcasting the helpful measures, patches, and workarounds as they are created. Keep watching for topics such as this and you will be able to keep on top of the vast majority of them. :)
Cheers!
Two Factor Authentication. Extremely tough passwords with LastPass. YubiKey USB key for second factor. Great peace of mind.
https://www.grahamcluley.com/2016/03/factor-authentication-2fa-versus-step-verification-2sv/
I was fortunate enough to have lived through the "no computers" world and the introduction of computers as big as a small house, kept running by a small army of attendants.
They had NO connection to the outside world.
Technical Data to be manipulated was coded on many letter-sized forms and first sent by special couriers 100 miles to Palo Alto, where the coding was transferred by a small army of card punchers for "solutions" by the huge computer with the tiny brain, and the results printed on fan-fold large format paper. Hundreds of pages.
The process was repeated one or more times to correct errors due to mistakes in coding the original problem, usually astronomy, surveying, structural engineering and coordinate geometry/
It soon became clear, when data processing came to mean databases of words and numbers, bookkeeping, banking, inventory, addresses etc., that keeping the valuable information confidential and safe would become a major problem eventually.
Hard to realize, 58 years later, with the role of the internet, that the problem has become exponentially worse.
How is that possible? Because there is nothing that the mind of man can devise that the mind of man can't circumvent.
And the circumventers are invariably criminals.
The long and short of it is that many of us then saw data security as a permanent vulnerability, with no means of certain security imaginable.
As true today as in 1958.
My sons and grandchildren may one day solve that conundrum, but I don't expect to see the solution to permanent and safe data storage in my lifetime.
Bottom line? I do not now, nor will I ever trust my data exclusively to the cloud. Any cloud. That applies both to the integrity of the data, as well as its confidentiality.
Pessimist Misanthrope?
You bet!
From my address, to my address!
I hit “Block Sender” and my own address popped up, so this was not a clever Trojan Horse concealing the real source.
I use Outlook for everything, so I presume they hacked my free Hotmail account, which I never use.
I have no idea how they did this since I do a security scan on every email and have never used my Outlook/Hotmail password for any other login.
“How can you know someone has not hacked mail and built a dummy site to capture passwords?”
That part is easy, at least as I read the message - first assume the message is fraudulent, so never click on the provided links. Then log on to Carbonite the usual way (as if you never got the message), then change the password the normal way (again, as if the message never came).
It’s like getting a credit card warning by E-Mail, or even Snail Mail - if you think it’s legit, you look at the phone number on the back of the credit card, call them, and tell them you got an E-Mail regarding (whatever).
Many of these companies have farmed out support to overseas. I believe the hackers are on the inside of these companies in many cases as foreign based contract employees.
Never ever click on a link embedded in an email even if the email looks legitimate. Instead go to the URL that you have booked marked for logging into your account.
I do all my bill paying on-line and get email reminders when bills are due. I never use the link in the email however to get to the account log in page.
I too make that a habit but thank you for a very good bit of advice.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.