Linustechtips.com breached?

[pocketdrummer]

I just got a notification from Google One that my credentials for linustechtips.com was leaked. Is LTT aware of this?

 

[Hellowpplz]

Just now, pocketdrummer said:

I just got a notification from Google One that my credentials for linustechtips.com was leaked. Is LTT aware of this?

 

Probably had a virus or malware that tracked your keyboard inputs when you were logging in. Make sure to run windows antivirus, uninstall all google extensions that are sketchy, and if nothing shows up your either right or you need to install a 3rd party software to get rid of said malware.

[pocketdrummer]

1 minute ago, Hellowpplz said:

Probably had a virus or malware that tracked your keyboard inputs when you were logging in. Make sure to run windows antivirus, uninstall all google extensions that are sketchy, and if nothing shows up your either right or you need to install a 3rd party software to get rid of said malware.

The password that was leaked is actually an old password from over 3 years ago. I also don't come to this forum too often, and I started using a password manager with random strings after I stopped using that password. I don't believe it's malware.

[GuiltySpark_]

42 minutes ago, pocketdrummer said:

I just got a notification from Google One that my credentials for linustechtips.com was leaked. Is LTT aware of this?

 

 

Your password is a known password, this has nothing to do with LTT or this website. 

[da na]

If you reused the password on another website, that website was breached.

[Lurick]

Your account is from 2013

The forum DID have a breach MANY years ago

It's likely that data is now being indexed by Google One's dark web search.

[Spotty]

If you haven't already done so change your password from account settings. You should also change your password on any other websites where you may have used the same password.

[candidcartoon]

I also got this notice and haven't been here in 8 years according to my unread messages. The password reported by Google One was randomly generated back in the day. I had to reset to log in because that was multiple complete wipes ago. A breach years ago would still make sense, but I would hope the very capable team members that run this site might have emailed a notice of this close to when it happened. 

[RoseLuck462]

Make sure you have 2FA enabled

[LAwLz]

I see A LOT of people making contradicting statements here. Does anyone actually know how this feature works?

 

 

13 hours ago, Hellowpplz said:

Probably had a virus or malware that tracked your keyboard inputs when you were logging in.

12 hours ago, GuiltySpark_ said:

Your password is a known password, this has nothing to do with LTT or this website. 

12 hours ago, da na said:

If you reused the password on another website, that website was breached.

12 hours ago, Lurick said:

Your account is from 2013

The forum DID have a breach MANY years ago

It's likely that data is now being indexed by Google One's dark web search.

12 hours ago, Spotty said:

The warning given by Google's Password Manager here indicates that the email & password you have saved for linustechtips.com matches credentials in their database of known exposed emails/passwords. Those credentials may have been exposed in unrelated data breaches via malware on your device or if you have at any point used that same password on any other website that has been breached.

 

Some of these posts have to be wrong.

[colonel_mortis]

Back in September 2015, the forum was breached. At the time, everyone was notified (via email, as well as discussion on either the wan show or the wan aftershow), and everyone's passwords were reset.

 

We are looking into this further, but the initial indications are that this is just the data from that breach finally surfacing publicly.

 

If anyone has data to suggest otherwise (eg accounts created after that date), please do let me know.

[Ensarda]

Hey everyone

Hope you are well, I don't know if this has been noticed by anyone else but I am curious, I have received a dark web monitoring report from Google saying that my email and username has been leaked from a LTT data breach with the 21st Feb on it.

So I am curious has this happened to anyone else

[OhYou_]

there was a data breach like 6 years ago.
there most likely was not one yesterday.
I would be very sus about if that mail was actually from google since your user is too new

[Lurick]

More context

[Gat Pelsinger]

wow that's scary. How do I know if my account is leaked?

[Needfuldoer]

1 hour ago, Gat Pelsinger said:

wow that's scary. How do I know if my account is leaked?

You can plug your email address into this tool to find out.

 

However, the source of this "new" leak seems to be another checking tool that collected old leaks. There was a cybersecurity incident on the forums years before either of us joined, which that tool had cached. That old data seems to be included in this new leak.

 

The best thing you can do is follow good password practices. Never use the same password on multiple websites. If you want to be extra safe, enable two-factor authentication from the user control panel.

[pocketdrummer]

Just to put everyone's mind at ease about my personal situation, I already reset my password and enabled 2FA. The password that was leaked is also not in use any longer (as of a long time ago), and all of my passwords are random strings. No password is reused, they're all 14+ characters, upper/lower/number/special/etc.

 

I don't believe my current information was leaked, but given the potential severity if there was another breach, I'm glad @colonel_mortis is looking into it further. Chances are, Google is just late to the party, but it doesn't hurt to check.

[LogicalDrm]

On 2/22/2024 at 8:44 PM, Ensarda said:

Hey everyone

Hope you are well, I don't know if this has been noticed by anyone else but I am curious, I have received a dark web monitoring report from Google saying that my email and username has been leaked from a LTT data breach with the 21st Feb on it.

So I am curious has this happened to anyone else

Your thread has been merged with another about same subject.

[Skiiwee29]

Just an update, Linus made a quick announcement on WAN show last night and can be found here: