Administrator
ID Verified
Trusted
Geekzone
Hi folks
Over the last few days, we noticed a couple of episodes where suspicious replies were posted on Geekzone.
In one case, the account owner emailed me to say his account was compromised somewhere else and used on Geekzone to post spam from a US-based IP address. He only noticed it because he received a topic reply notification and he hadn't posted in that topic before. I was told the password was reused between different sites.
In another episode, a spam reply was reported and we noticed the post was from an Estonian-based IP address.
I suspect this could be either data leaked from the LastPass breach, or a data leak somewhere in New Zealand, and some Bad People (TM) are testing the passwords in smaller sites before going for the big ones (banks, stock, etc).
- Please ensure you use unique passwords for each site.
- Use a password manager (not LastPass) to record all your unique passwords.
- Enable 2FA where possible, either using an Authenticator app or Yubikey if possible.
- SMS 2FA is not as safe, but if no other option is available, use it.
We do not know your password on Geekzone and we have no way to read it. I have now implemented a login notification email to let you know when someone logged into your account.
PS. I suspect one recent data leak in New Zealand, but the disclosure did not mention passwords so I won't name it.
