
What is going on with all these breaches?

Posted: Fri Oct 19, 2018 11:04 am
by diener
I keep getting emails noting that linuxmint.com was hacked and information was leaked. Lifelock is going bonkers and haveibeenpwned seems to back this up as well.

What's going on?!

EDIT - I should note that it appears to only be a single breach, so my topic title is a bit misleading now that I have read more into it.

Re: What is going on with all these breaches?

Posted: Fri Oct 19, 2018 11:06 am
by Pierre
That was true, but that issue was fixed up in just a few hours,
and that issue was some time ago...

Who / what is sending those emails to you?

NB: as long as you have changed your password, you should be fine.
8)

Re: What is going on with all these breaches?

Posted: Fri Oct 19, 2018 11:13 am
by diener
Pierre wrote:
Fri Oct 19, 2018 11:06 am
That was true, but that issue was fixed up in just a few hours,
and that issue was some time ago...

Who / what is sending those emails to you?
My identity theft protection alerted me. It said the following:
The site linuxmint.com has been reported to possibly have suffered a data exposure that could include usernames, passwords, emails and more information. The possible exposure would have happened in October 2016 although it was reported in October 2018

Re: What is going on with all these breaches?

Posted: Fri Oct 19, 2018 11:17 am
by karlchen
Hm. As I understand "all these breaches" boils down to a belated alert, belated by only 2 years, about the Linux Mint forum breach 2 years ago?! :roll:
Of course, an e-mail address which was harvested in October 2016 will still be found on https://haveibeenpwned.com/. Pwned once, pwned for all times. Applies to my e-mail address as well.

PSA! linuxmint.com data breach alert from LifeLock

Posted: Fri Oct 19, 2018 11:13 pm
by zakthemaster
I received an alert from LifeLock that my username and password for here was exposed on the dark web.

Here is what LifeLock said:
The site linuxmint.com has been reported to possibly have suffered a data exposure that could include usernames, emails and more information. The possible exposure would have happened in October 2016 although it was reported in October 2018
So change your passwords if you haven't in the last 2 years.
Admins please do what you need to in order to properly alert people.

Re: PSA! linuxmint.com data breach alert from LifeLock

Posted: Sat Oct 20, 2018 12:29 am
by stormryder
zakthemaster wrote:
Fri Oct 19, 2018 11:13 pm
I received an alert from LifeLock
Hopefully you aren't paying for such outdated information, I read about that on clem's blog the day after it was discovered.
This is one of the reasons I trust mint. I think clem addressed it in a very professional way.
https://blog.linuxmint.com/?p=2994

Re: PSA! linuxmint.com data breach alert from LifeLock

Posted: Sat Oct 20, 2018 12:40 am
by catweazel
stormryder wrote:
Sat Oct 20, 2018 12:29 am
zakthemaster wrote:
Fri Oct 19, 2018 11:13 pm
I received an alert from LifeLock
Hopefully you aren't paying for such outdated information, I read about that on clem's blog the day after it was discovered.
This is one of the reasons I trust mint. I think clem addressed it in a very professional way.
https://blog.linuxmint.com/?p=2994
Except that's the wrong link.

https://blog.linuxmint.com/?p=3001

Re: PSA! linuxmint.com data breach alert from LifeLock

Posted: Sat Oct 20, 2018 12:56 am
by stormryder
catweazel wrote:
Sat Oct 20, 2018 12:40 am
Except that's the wrong link.
Thanks, I just googled it.

Re: PSA! linuxmint.com data breach alert from LifeLock

Posted: Sat Oct 20, 2018 2:21 am
by smurphos
stormryder wrote:
Sat Oct 20, 2018 12:29 am
zakthemaster wrote:
Fri Oct 19, 2018 11:13 pm
I received an alert from LifeLock
Hopefully you aren't paying for such outdated information,
A tenner a month according to their website and it takes them 2 1/2 years to notice a reported breach and even then they get the dates wrong. What a LOB....

I'd be demanding a refund at this point.

Just subscribe to this free service - https://haveibeenpwned.com/

IIRC a forum password change was mandatory when the forums were brought back online after the breach.

Re: PSA! linuxmint.com data breach alert from LifeLock

Posted: Sat Oct 20, 2018 3:51 am
by xenopeek
We are only aware of a breach on our website in February 2016. The authoritative website https://haveibeenpwned.com/ does not show any other breaches either.

Perhaps the following can explain why you're getting an alert now. We were contacted in early October by a company like LifeLock, monitoring stolen data for sale on the darknet, who had also found what they thought was proof of a new breach. They responsibly reached out to us to validate the data. We were able to confirm that the data they had was an exact match for the data stolen during the February 2016 breach on our website and that it was not a new breach.

I suspect LifeLock has found the same data on the darknet but hasn't reached out to us to validate the data and, mistakenly, is reporting it as a new breach.

Following the breach in February 2016, security of all our websites was improved. You can read about what was done at the time here: https://blog.linuxmint.com/?p=3007. Everybody who had an account back in February 2016 has since changed their password and was informed at the time (see an example of the email sent here: viewtopic.php?f=60&t=217506) that they should change their passwords on other websites if they weren't using unique passwords.