Data Leak

For the discussion of topics related to the conservation, cultivation, propagation and exhibition of cacti & other succulents.
Forum rules
For the discussion of topics related to the conservation, cultivation, propagation and exhibition of cacti & other succulents only.

Please respect all forum members opinions and if you can't make a civil reply, don't reply!
Patrick
BCSS Member
Posts: 1114
Joined: 20 Aug 2007
Branch: SOMERSET
Country: Portugal
Location: Alentejo, Portugal

Data Leak

Post by Patrick » Thu Jan 21, 2021 7:41 pm

When visiting the forum this evening I got a message from Safari that I should change my password as the current one had been 'subject to a data leak'?

Anybody know anything about this?
Patrick. Small varied collection.
North American, Mexican and Andean Cacti, Agaves and Haworthia. Joined Somerset BCSS and forum in 2007.

User avatar
el48tel
BCSS Member
Posts: 2836
Joined: 04 Aug 2018
Branch: LEEDS
Country: UK
Role within the BCSS: Member
Location: Leeds

Re: Data Leak

Post by el48tel » Thu Jan 21, 2021 8:15 pm

Patrick wrote:
Thu Jan 21, 2021 7:41 pm
When visiting the forum this evening I got a message from Safari that I should change my password as the current one had been 'subject to a data leak'?

Anybody know anything about this?
Are you sure it was from Safari .... not likely to be ... more likely a scam to get you to reveal your current password. Don't click any links in any email or posts .... or reply to such mails.
Go to the proper sites or procedures to reset passwords.
Endeavouring to grow Aeoniums, Aylostera, Echinocereus, Echinopsis, Gymnocalycium, Lithops, Matucana, Rebutia, and Sulcorebutia.
Currently being wooed by Haworthia, attempting hybridisation, and enticed by Mesembs.
User avatar
MatDz
BCSS Member
Posts: 1147
Joined: 06 May 2020
Branch: None
Country: PL/GB
Role within the BCSS: Member

Re: Data Leak

Post by MatDz » Thu Jan 21, 2021 8:38 pm

Patrick wrote:
Thu Jan 21, 2021 7:41 pm
When visiting the forum this evening I got a message from Safari that I should change my password as the current one had been 'subject to a data leak'?

Anybody know anything about this?
There is small chance Safari goes through your saved passwords and compare them to each other when a data breach happened on one of the websites you are using, then flags all other websites with the same password, e.g.

* Gmail had a leak :mrgreen:
* Safari knows you are using the same password there and on the forum here (because you saved it in the browser);
* When you visit BCSS Sarafi pings you to change your password because it's the same as in the compromised Gmail.

I would change the passwords again just to be safer, and start using a password manager to be actually safe (e.g. https://keepass.info/).
Mat
User avatar
MikeT
BCSS Member
Posts: 1762
Joined: 11 Jan 2007
Branch: SHEFFIELD
Country: UK
Role within the BCSS: Branch Treasurer
Location: Sheffield

Re: Data Leak

Post by MikeT » Thu Jan 21, 2021 9:40 pm

Safari hasn't given me that message.
Mike T

Sheffield Branch
BCSS member26525
NaZzAtAzEr
Registered Guest
Posts: 96
Joined: 13 Jan 2020
Branch: NORTH SURREY
Country: United Kingdom
Role within the BCSS: Member

Re: Data Leak

Post by NaZzAtAzEr » Fri Jan 22, 2021 11:51 am

https://haveibeenpwned.com/

Use this website to see if your email has been involved in a data breech. I would advise to change passwords for that website and all other websites that use the same email and password
User avatar
ralphrmartin
BCSS Member
Posts: 4696
Joined: 11 Jan 2007
Branch: None
Country: United Kingdom
Role within the BCSS: Member
Location: Pwllheli
Contact:

Re: Data Leak

Post by ralphrmartin » Sat Jan 23, 2021 5:27 pm

What it probably means is that you have re-used the same password on several websites, including this one, and there has been a data leak on one of the other websites for which you use the same password. Potentially, that password is now public knowledge and associated with your id, so to be safe, it would be a good idea to change it wherever you use. Very tedious, I know, but this is the price of using the same password on many sites.
Ralph Martin
https://www.rrm.me.uk/Cacti/cacti.html
Members visiting the Llyn Peninsula are welcome to visit my collection.

Swaps and sales at https://www.rrm.me.uk/Cacti/forsale.php

My Field Number Database is at http://www.fieldnos.bcss.org.uk
Patrick
BCSS Member
Posts: 1114
Joined: 20 Aug 2007
Branch: SOMERSET
Country: Portugal
Location: Alentejo, Portugal

Re: Data Leak

Post by Patrick » Sat Jan 23, 2021 6:26 pm

Thank you all for the advice. As it happens the password I use for this forum I don't use anywhere else. Should I still change it? What I understood from the message I got was that the Data Leak was from this site, but it doesn't sound like anybody else has had anything.
Patrick. Small varied collection.
North American, Mexican and Andean Cacti, Agaves and Haworthia. Joined Somerset BCSS and forum in 2007.

User avatar
MatDz
BCSS Member
Posts: 1147
Joined: 06 May 2020
Branch: None
Country: PL/GB
Role within the BCSS: Member

Re: Data Leak

Post by MatDz » Sat Jan 23, 2021 6:29 pm

Patrick wrote:
Sat Jan 23, 2021 6:26 pm
Thank you all for the advice. As it happens the password I use for this forum I don't use anywhere else. Should I still change it? What I understood from the message I got was that the Data Leak was from this site, but it doesn't sound like anybody else has had anything.
It might have been matched using your email/login, I'd probably change it, if only for peace of mind.
Mat
User avatar
el48tel
BCSS Member
Posts: 2836
Joined: 04 Aug 2018
Branch: LEEDS
Country: UK
Role within the BCSS: Member
Location: Leeds

Re: Data Leak

Post by el48tel » Sat Jan 23, 2021 8:17 pm

Looking like it's a scam to get you to reveal your password.
Endeavouring to grow Aeoniums, Aylostera, Echinocereus, Echinopsis, Gymnocalycium, Lithops, Matucana, Rebutia, and Sulcorebutia.
Currently being wooed by Haworthia, attempting hybridisation, and enticed by Mesembs.
User avatar
ralphrmartin
BCSS Member
Posts: 4696
Joined: 11 Jan 2007
Branch: None
Country: United Kingdom
Role within the BCSS: Member
Location: Pwllheli
Contact:

Re: Data Leak

Post by ralphrmartin » Sun Jan 24, 2021 8:29 am

Patrick wrote:
Sat Jan 23, 2021 6:26 pm
Thank you all for the advice. As it happens the password I use for this forum I don't use anywhere else. Should I still change it? What I understood from the message I got was that the Data Leak was from this site, but it doesn't sound like anybody else has had anything.
Another thing you can do is install Google Chrome It has a function to check for compromised passwords. That will give you an independent way of seeing what's up.
Ralph Martin
https://www.rrm.me.uk/Cacti/cacti.html
Members visiting the Llyn Peninsula are welcome to visit my collection.

Swaps and sales at https://www.rrm.me.uk/Cacti/forsale.php

My Field Number Database is at http://www.fieldnos.bcss.org.uk
Post Reply