Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Online backup firm Carbonite tells users to change their passwords now
grahamcluley website ^ | June 21, 2016 8:32 pm | Graham Cluley

Posted on 06/21/2016 7:15:50 PM PDT by Utilizer

Online backup company Carbonite is the latest firm to have issued a warning that hackers are attempting to break into its users accounts, and are prompting all users to change their passwords as a result.

An email has been sent to Carbonite users explaining that the attackers are thought to be using passwords gleaned from other recent mega-breaches.

...

Nobody is keen for a hacker to break into their online accounts, but it's especially important when what's being protected by your account is your computer backup. If a hacker were able to gain access to your online backup they could - in theory - make a copy of every file on your hard drive, including those you may have thought were erased long ago.

(Excerpt) Read more at grahamcluley.com ...


TOPICS: Business/Economy; Computers/Internet
KEYWORDS: hacking; limbaugh; malware; rush; security; virus; windowspinglist
Navigation: use the links below to view more comments.
first 1-2021-25 next last
At least Carbonite is taking preventative measures. I think they should be commended for that.
1 posted on 06/21/2016 7:15:50 PM PDT by Utilizer
[ Post Reply | Private Reply | View Replies]

To: Utilizer

I got the note. I dont know who or what to believe or trust anymore.

How can you know someone has not hacked mail and built a dummy site to capture passwords?


2 posted on 06/21/2016 7:33:26 PM PDT by Sequoyah101 (It feels like we have exchanged our dreams for survival. We just have a few days that don't suck.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sequoyah101

Call me paranoid. We have separate computers here in the office that we keep all our company financial and personal data on as well as that of our doctor clients and their patients but they are not connected to the internet. Limits what we are able to do sometimes but we work around it. I am amazed at the number of patients who send us new credit card information via email including the security code on the back of the card.


3 posted on 06/21/2016 7:56:46 PM PDT by Grams A (The Sun will rise in the East in the morning and God is still on his throne.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Utilizer; Abby4116; afraidfortherepublic; aft_lizard; AF_Blue; amigatec; AppyPappy; arnoldc1; ...
Online backup company hacked ... OOPS! ... PING!

You can find all the Windows Ping list threads with FR search: just search on keyword "windowspinglist".

Thanks to Utilizer for posting the thread.

4 posted on 06/21/2016 8:08:55 PM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sequoyah101
> How can you know someone has not hacked mail and built a dummy site to capture passwords?

All you can do is hope. If you're technically oriented, you can check the domain you're sent to, maybe do a WHOIS lookup, find out who does their DNS, etc. Even Windows machines still have the venerable "nslookup" program for checking DNS.

5 posted on 06/21/2016 8:16:45 PM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")
[ Post Reply | Private Reply | To 2 | View Replies]

To: dayglored

Passwords are going to have to die and be replaced by biometric id or online will have to die.

Im not sure biometric wont be hacked somehow.


6 posted on 06/21/2016 8:25:34 PM PDT by Sequoyah101 (It feels like we have exchanged our dreams for survival. We just have a few days that don't suck.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Utilizer

Eschew Carbonite.

They are the ones who dumped Rush dud go PC concerns.


7 posted on 06/21/2016 8:26:59 PM PDT by ifinnegan (Democrats kill babies and harvest their organs to sell)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dayglored

Im told a third party was hacked and a ton of passwords stolen. The thiefs are banging away at every place they can hit.

Wonder where they got the passwords? Anybody hear? Ive checked for news. Nobody is saying.


8 posted on 06/21/2016 8:42:45 PM PDT by Sequoyah101 (It feels like we have exchanged our dreams for survival. We just have a few days that don't suck.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: ifinnegan
They are the ones who dumped Rush dud go PC concerns.

What does this mean in English?
I gave up trying to understand it.

9 posted on 06/21/2016 9:04:38 PM PDT by publius911 (IMPEACH HIM NOW evil, stupid, insane ignorant or just clueless, doesn't matter!)
[ Post Reply | Private Reply | To 7 | View Replies]

To: publius911

I hate iPad and auto correct.

Dud go = due to

They dropped Rush due to PC concerns.


10 posted on 06/21/2016 9:09:40 PM PDT by ifinnegan (Democrats kill babies and harvest their organs to sell)
[ Post Reply | Private Reply | To 9 | View Replies]

To: publius911

I’m thinking that “dud go” is the auto-corrected version of “due to”.


11 posted on 06/21/2016 9:11:21 PM PDT by Bob (No, being a US Senator and the Secretary of State are not accomplishments; they're jobs.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: dayglored

Thanks, mate. Appreciate you spreading the word, not doubt. :)

Cheers!


12 posted on 06/21/2016 9:14:29 PM PDT by Utilizer
[ Post Reply | Private Reply | To 4 | View Replies]

To: Sequoyah101

There have been several hacks of login/password data stolen of late. Many coders, hackers, and FReepers are aware of it and broadcasting the helpful measures, patches, and workarounds as they are created. Keep watching for topics such as this and you will be able to keep on top of the vast majority of them. :)

Cheers!


13 posted on 06/21/2016 9:18:21 PM PDT by Utilizer
[ Post Reply | Private Reply | To 8 | View Replies]

To: Utilizer

Two Factor Authentication. Extremely tough passwords with LastPass. YubiKey USB key for second factor. Great peace of mind.

https://www.grahamcluley.com/2016/03/factor-authentication-2fa-versus-step-verification-2sv/


14 posted on 06/21/2016 9:40:01 PM PDT by ProtectOurFreedom
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sequoyah101
Passwords are going to have to die and be replaced by biometric id or online will have to die.
Im not sure biometric wont be hacked somehow.

I was fortunate enough to have lived through the "no computers" world and the introduction of computers as big as a small house, kept running by a small army of attendants.

They had NO connection to the outside world.
Technical Data to be manipulated was coded on many letter-sized forms and first sent by special couriers 100 miles to Palo Alto, where the coding was transferred by a small army of card punchers for "solutions" by the huge computer with the tiny brain, and the results printed on fan-fold large format paper. Hundreds of pages.

The process was repeated one or more times to correct errors due to mistakes in coding the original problem, usually astronomy, surveying, structural engineering and coordinate geometry/

It soon became clear, when data processing came to mean databases of words and numbers, bookkeeping, banking, inventory, addresses etc., that keeping the valuable information confidential and safe would become a major problem eventually.

Hard to realize, 58 years later, with the role of the internet, that the problem has become exponentially worse.

How is that possible? Because there is nothing that the mind of man can devise that the mind of man can't circumvent.
And the circumventers are invariably criminals.

The long and short of it is that many of us then saw data security as a permanent vulnerability, with no means of certain security imaginable.

As true today as in 1958.

My sons and grandchildren may one day solve that conundrum, but I don't expect to see the solution to permanent and safe data storage in my lifetime.

Bottom line? I do not now, nor will I ever trust my data exclusively to the cloud. Any cloud. That applies both to the integrity of the data, as well as its confidentiality.

Pessimist Misanthrope?
You bet!

15 posted on 06/21/2016 11:19:35 PM PDT by publius911 (IMPEACH HIM NOW evil, stupid, insane ignorant or just clueless, doesn't matter!)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Utilizer
I got junk mail yesterday that was sent from my own account.

From my address, to my address!

I hit “Block Sender” and my own address popped up, so this was not a clever Trojan Horse concealing the real source.

I use Outlook for everything, so I presume they hacked my free Hotmail account, which I never use.

I have no idea how they did this since I do a security scan on every email and have never used my Outlook/Hotmail password for any other login.

16 posted on 06/21/2016 11:28:02 PM PDT by zeestephen
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sequoyah101

“How can you know someone has not hacked mail and built a dummy site to capture passwords?”

That part is easy, at least as I read the message - first assume the message is fraudulent, so never click on the provided links. Then log on to Carbonite the usual way (as if you never got the message), then change the password the normal way (again, as if the message never came).

It’s like getting a credit card warning by E-Mail, or even Snail Mail - if you think it’s legit, you look at the phone number on the back of the credit card, call them, and tell them you got an E-Mail regarding (whatever).


17 posted on 06/22/2016 3:09:51 AM PDT by BobL
[ Post Reply | Private Reply | To 2 | View Replies]

To: Utilizer

Many of these companies have farmed out support to overseas. I believe the hackers are on the inside of these companies in many cases as foreign based contract employees.


18 posted on 06/22/2016 3:17:15 AM PDT by r_barton (GO TRUMP!!!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sequoyah101
How can you know someone has not hacked mail and built a dummy site to capture passwords?

Never ever click on a link embedded in an email even if the email looks legitimate. Instead go to the URL that you have booked marked for logging into your account.

I do all my bill paying on-line and get email reminders when bills are due. I never use the link in the email however to get to the account log in page.

19 posted on 06/22/2016 3:26:25 AM PDT by MD Expat in PA
[ Post Reply | Private Reply | To 2 | View Replies]

To: MD Expat in PA

I too make that a habit but thank you for a very good bit of advice.


20 posted on 06/22/2016 5:40:40 AM PDT by Sequoyah101 (It feels like we have exchanged our dreams for survival. We just have a few days that don't suck.)
[ Post Reply | Private Reply | To 19 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-25 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson