Question chrome and keys

[cloudff7]

When Chrome asks to change a password and says: Found in a data breach

Does this mean that the account has already been hacked and changed?

Are there many sites that I have a login for that are in this situation? Is it necessary to change everything? There are 400 passwords

Example: archive.com is on the list, but if one day after I have logged in to download a file, can someone who is using my login change the file that I am downloading from the archive?

[SpookyCitrus]

A data breach is typically just a leak of accounts passwords or usernames. It is advisable to change your password if you receive such a warning. However, it does not mean someone has access to your account. 

[Sant_HH]

It means the website you used was compromised usernames and/or passwords (hashes usually) have been leaked. It does not always mean that your account is compromised but it is still recommended that you change the password to that specific website. You do not need to do all of them unless you reuse passwords, don't reuse passwords.

 

In your archive.org example an attacker would not be able to change what file you are downloading by simply logging in, unless archive.org or your computer gets compromised and downloads get changed to malware or something.

 

If you get one of these breach notices, change your password, force sign out any unknown devices and move on with your life.

[cloudff7]

Example: archive.com is on the list, but if one day after I have logged in to download a file, can someone who is using my login change the file that I am downloading from the archive?

[Blue4130]

17 hours ago, cloudff7 said:

Example: archive.com is on the list, but if one day after I have logged in to download a file, can someone who is using my login change the file that I am downloading from the archive?

You already downloaded the file. Unless they Hack your computer, they can't change the file.

 

Having access to your archive.org account doesn't give them access to files on your local computer.

[cloudff7]

58 minutes ago, Blue4130 said:

You already downloaded the file. Unless they Hack your computer, they can't change the file.

 

Having access to your archive.org account doesn't give them access to files on your local computer.

My archive password and email were released a few months ago when I log in to the account someone else also logs in and when I go to download files from the archive, can this person who is also logged in to my account change the files I am downloading?

[Blue4130]

8 hours ago, cloudff7 said:

My archive password and email were released a few months ago when I log in to the account someone else also logs in and when I go to download files from the archive, can this person who is also logged in to my account change the files I am downloading?

The files on the archive.org site? If you had anything uploaded to the site, then they could do anything that you could do. If you had the ability to change files, then they had the ability too. They had your info. They could do anything that you could do.

[cloudff7]

yes this site, I changed the password but before changing the password I downloaded some compressed files in the archive, it will be necessary to download them all again because someone logged into my archive account during my downloads and changed my file download?

[Blue4130]

46 minutes ago, cloudff7 said:

yes this site, I changed the password but before changing the password I downloaded some compressed files in the archive, it will be necessary to download them all again because someone logged into my archive account during my downloads and changed my file download?

That is your choice. But from the way you act in other forum topics, it doesn't matter what me or others say, you will not take our advice.

[cloudff7]

If they log in with my archive.org email and password, can't they modify or insert malware into the files when I'm logged in and downloading from that site?

[Blue4130]

7 hours ago, cloudff7 said:

If they log in with my archive.org email and password, can't they modify or insert malware into the files when I'm logged in and downloading from that site?

I gave you the answer. If they have your password, they can do anything that you can do. If you can upload a virus or malware, they can also do that.

[cloudff7]

I wasn't the one who uploaded the files to archive.org

[Blue4130]

1 hour ago, cloudff7 said:

I wasn't the one who uploaded the files to archive.org

The risk is the same then from before the breach or after. It could have been a virus then, and it could be a virus now. Any file that is on the internet has the potential to be malicious. It is up to you to decide if the risk is worth it.

[cloudff7]

The files from the official link that I was downloading do not have malware, but if someone logs into my account at the time I log in and download files, that person can insert malware into my downloads that I am downloading.

[Avocado Diaboli]

40 minutes ago, cloudff7 said:

The files from the official link that I was downloading do not have malware, but if someone logs into my account at the time I log in and download files, that person can insert malware into my downloads that I am downloading.

No they can't.

 

They would have to sit between the server you're trying to access and your device, a typical man-in-the-middle scenario. Simply logging into your account from somewhere else doesn't allow them to do that.

[Blue4130]

1 hour ago, cloudff7 said:

The files from the official link that I was downloading do not have malware, but if someone logs into my account at the time I log in and download files, that person can insert malware into my downloads that I am downloading.

If you don't have permissions to change the files, then they don't either if they are using your log in.