Data leak

babydinosnoreless · Post by **babydinosnoreless** » Sat May 27, 2023 7:59 am

Got a notice from apple that my cpaptalk account password was involved in a data breach and that I should change it. Funny thing is it wasn't my current password but a very old one. Anyone else have this happen ?

Pugsy · Post by **Pugsy** » Sat May 27, 2023 8:32 am

No. Haven't had it happen to me or heard of it.

BUT....did you verify that the apple notice was indeed from apple and not someone spoofing to glean personal information?

I get similar "notifications" that look very real from a variety of sites and they aren't real. Just someone pfishing for some useful personal information.
Heck, just last week I got something from Wells Fargo Bank about my account being compromised..yada, yada, yada
Funny thing is that in my entire life I have never had a bank account at Wells Fargo in any capacity.
Then when I go look at the url they want me to go to...it's not WellsFargo but something made to look like it.

Julie · Post by **Julie** » Sat May 27, 2023 8:59 am

The point is that they want you to enter your personal and/or bank info which they will then use to take your money and run. If you're EVER unsure, even a bit, about similar mail, call the bank or legit co. you deal with and ask if the email's from them or not... very likely it isn't even if they're in the habit of mailing you with info most of us deal with on the phone. They'll likely tell you it's NOT from them, so delete the orig. mail and forget it. NEVER give your personal and/or bank info to ANYone you don't know previously and always check things out first.

babydinosnoreless · Post by **babydinosnoreless** » Sat May 27, 2023 9:46 am

Pugsy wrote: ↑
Sat May 27, 2023 8:32 am
No. Haven't had it happen to me or heard of it.

BUT....did you verify that the apple notice was indeed from apple and not someone spoofing to glean personal information?

I get similar "notifications" that look very real from a variety of sites and they aren't real. Just someone pfishing for some useful personal information.
Heck, just last week I got something from Wells Fargo Bank about my account being compromised..yada, yada, yada
Funny thing is that in my entire life I have never had a bank account at Wells Fargo in any capacity.
Then when I go look at the url they want me to go to...it's not WellsFargo but something made to look like it.

It wasn't from an outside source (email or text) it was actually in inside the keychain app on my iphone. So unless my phone was hacked I don't think it was fishing. It also didn't have any links to go change it it just said it recommending changing the password.

Dog Slobber · Post by **Dog Slobber** » Sat May 27, 2023 1:52 pm

Can you quote the exact message. But obfuscate any sensitive info like emails or passwords.

Did the message specifically mention CPAPTalk, the email, username or password you used on CPAPTalk?

Typically these messages mean:

There was a data breach on a site, often the breach is the username and password database file. The passwords are (almost) never in plaintext but hashed.
When the breach is learned, the stolen data may end up in sites where one can check if they have account info within the breach database
Anti-malware software will reference breach databases and warn you if you have credentials within it, and might also warn you if any of the credentials are used at another site.

So long as any passwords that were in use during the breach have been changed, you are safe.

You can go to breach database sites like: https://haveibeenpwned.com/

Then enter your email address, it will then list any breaches have occurred on sites that where you have an email associated account.

chunkyfrog · Post by **chunkyfrog** » Sat May 27, 2023 2:02 pm

Phishing is big business--criminal enterprise.

Data leak

Data leak

Re: Data leak

Re: Data leak

Re: Data leak

Re: Data leak

Re: Data leak