Android Forums Hacked

[CoxJul]

Y'all know the usernames, email addresses and passwords have been hacked from this site and are being used by spammers, extortionists (the "I know your password and have been videoing your Porn habit..." scam) and who knows who else.

How do I know? I have a unique email address for every site I register on and regularly get spam, "I know your password" etc...to this address with what used to be my password inserted.

So those of you who use the same email address and password combination for multiple sites... change your passwords!!

 

[dontpanicbobby]

No.

 

[PitCarver]

 

[dazek]

Used a unique email address also. That was hacked in 2016 but my password was also hacked yesterday.

 

[lunatic59]

Yes, and no.

Android Forums was hacked ... 8 years ago.

From https://haveibeenpwned.com/

"Android Forums: In October 2011, the Android Forums website was hacked and 745k user accounts were subsequently leaked publicly. The compromised data included email addresses, user birth dates and passwords stored as a salted MD5 hash.

Compromised data: Dates of birth, Email addresses, Homepage URLs, Instant messenger identities, IP addresses, Passwords"

At that time ALL members were notified and passwords should have been changed then. 2-factor authentication was enabled and certificates renewed. Since then there have been no more incidents. If you haven't changed your password since then, it's likely your account was hijacked. Please change your password immediately.

 

[mikedt]

If you haven't done so already, change your password to something unique, that you haven't used on any other sites, and definitely enable two-factor.

What can get your account hijacked, is sharing the same password across multiple login accounts, and then one of them is compromised.