![]() ![]() ![]() One of the affected sites, MySpace, for example was initially hacked in 2008 but it wasn’t until late May that information leaked on 360 million of its users, including their email addresses and the unsalted SHA-1 hashes of the first 10 characters of their passwords, was sold publicly online. But since May, when it was revealed that more than 164 million LinkedIn credentials were for sale on the black market, there have been back-to-back reports of similar breaches totaling more than 642 million user names and passwords that have been spotted for sale on the dark web. However, at this time Carbonite does not offer 2FA as a default option. Additionally, for some accounts, other personal information may have been exposed,” the statement read.Īffected are Mac and Windows Carbonite Personal and Carbonite Pro customers along with Carbonite Server Backup and MailStore users.Īlong with forcing a password reset, Carbonite is urging its customers to replace old passwords with complex passwords and when possible use two-factor authentication (2FA) to protect accounts. “While we will continue to monitor and investigate the matter, we have determined that usernames and passwords are involved. Security experts say each of these firms have suffered from password reuse attacks tied to recent revelations of massive credential losses from mega-breaches at LinkedIn, Tumblr, VK.com, Fling and MySpace. The mandatory password reset by Carbonite is just the latest in a long string of online companies such as Citrix’s GoToMyPC, TeamViewer, Twitter, Github, Tumbler, iMesh and LinkedIn that have also recently forced their customers to reset their passwords. In some cases, personal information may have been exposed, Carbonite wrote in a blog post. According to a statement issued by Carbonite on Tuesday hackers were attempting to break into user accounts using stolen credentials. ![]() Online backup firm Carbonite is forcing all of its 1.5 million users to change their passwords after reporting that accounts was targeted in a password reuse attack.
0 Comments
Leave a Reply. |