Need Advice About A Hacked Website

Soldato
Joined
23 Sep 2007
Posts
3,972
Location
Essex
I signed up to a website last month, and using my debit card to access extra bits. (It's an NZB site so nothing pervy :))

But I had an email from the hacked site saying they got 'user/pass, email addy and last connected ip address' from the database they copied.

I will ring my bank and get my debit card sorted, but can the hackers gain anything from the IP number I connected with?? I mostly use the same user/pass on the majority of the websites I go on.

The above site is down at the mo for maintenance, so I cant ask on there.

Thanks in advance !!
 
Associate
Joined
18 Oct 2002
Posts
1,749
Location
Kent, UK
I mostly use the same user/pass on the majority of the websites I go on.

You really need to change the password on every other website if you use the same user/pass on each one - especially now that one is confirmed to be compromised. Use a password manager like Keepass or Lastpass to generate a different long/random password for each one.
 
Soldato
OP
Joined
23 Sep 2007
Posts
3,972
Location
Essex
You really need to change the password on every other website if you use the same user/pass on each one - especially now that one is confirmed to be compromised. Use a password manager like Keepass or Lastpass to generate a different long/random password for each one.

Thanks for reply

So they can see what website i've been on from my IP?? I looked on my 'saved logins' and there's loads with the same info :(

I'll look at the password manager you mentioned
 
Associate
Joined
18 Oct 2002
Posts
1,749
Location
Kent, UK
Thanks for reply

So they can see what website i've been on from my IP?? I looked on my 'saved logins' and there's loads with the same info :(

I'll look at the password manager you mentioned

No they probably can't, but they don't need to. There are programs/bots which will just try your set of re-used credentials across thousands of common websites and probably find a few that you have used them on.
 
Soldato
Joined
9 Jul 2003
Posts
9,279
Don't use the same password for your lastpass account :p

I had to do the same a few years ago, its annoying but I found loads of old active accounts for sites I had completely forgotten about (went through old emails) so it was a good opportunity to make those more secure or delete them if possible.
 
Associate
Joined
27 Nov 2006
Posts
232
If your email account password is the same, that should be the first one to change. Access to your email allows someone to use a program/bot to run the forgotten password feature on sites where the compromised password fails.
 
Soldato
Joined
17 Jan 2016
Posts
6,898
I noticed a copy of the message on another forum.

It seems they installed a keylogger on the website as well. I wonder how they managed that?
 
Caporegime
Joined
22 Nov 2005
Posts
42,610
Location
Newcastle Upon Tyne
I noticed a copy of the message on another forum.

It seems they installed a keylogger on the website as well. I wonder how they managed that?
sounds like a terrible website
So they can see what website i've been on from my IP??
NO and your IP probably changed since then anyway.

They could see where you live down to about 0.5miles though if it's still your IP using one of those ip geolocator websites

if your rich in a mansion with no others houses around you might get a visit soon :D
 
Soldato
OP
Joined
23 Sep 2007
Posts
3,972
Location
Essex
I've cancelled my debit card and ordered a new one.

In my Login section within Waterfox settings - I've changed all the passwords with the sites I frequent the most. There are a couple I'm not too bothered about as I havent used them in years.

And I've changed my email password.

I did install keePass. Seems easy in a complicated way lol

First time something like this has happened to me. When it was mentioned they got a copy of the IP number I used I automatically thought they could see every site I've been on. Ive gone super paranoid :eek::(

Thanks again guys for the help/advice. Much appreciated :)
 
Last edited:
Associate
Joined
25 Jun 2006
Posts
1,343
Location
Somewhere East of Eden
But I had an email from the hacked site saying they got 'user/pass, email addy and last connected ip address' from the database they copied.

Hi, by this are you saying that the bona fide site, which was hacked, sent you an email or the hackers sent you an email? Must be worrying wondering if the email was spurious too.
 
Commissario
Joined
16 Oct 2002
Posts
336,229
Location
In the radio shack
There are a couple I'm not too bothered about as I havent used them in years.
You should change them as well, especially if there's any chance whatsoever that you're using passwords for them that you use elsewhere. It doesn't matter that you don't use them, they are a potential risk.
 
Caporegime
Joined
9 Aug 2008
Posts
30,710
Location
127.0.0.1
It’s getting to that stage now that people need to use 2fa/mfa with a password manager. Using one password on all sites is asking to be done over at some point.
 
Soldato
OP
Joined
23 Sep 2007
Posts
3,972
Location
Essex
Hi, by this are you saying that the bona fide site, which was hacked, sent you an email or the hackers sent you an email? Must be worrying wondering if the email was spurious too.

From the bona fide site :)

You should change them as well, especially if there's any chance whatsoever that you're using passwords for them that you use elsewhere. It doesn't matter that you don't use them, they are a potential risk.

Thanks, I'll go through them and change them as well.

It’s getting to that stage now that people need to use 2fa/mfa with a password manager. Using one password on all sites is asking to be done over at some point.

Have to agree on this, after being kicked in the nuts (so to speak).

Thanks again guys.
 
Associate
Joined
14 Oct 2012
Posts
1,357
There also could be extra issues depending on how the website does the transactions. The website could be storing the card details in plain text, for example. So just check through all your recent transactions (you already said you were getting a new card)
 
Last edited:
Associate
Joined
4 Aug 2008
Posts
1,961
Looks like they only found out about the breach when one of their disk failed last week.

I wonder how long their server were compromised with the key logger before they found out if not for the failed drive.
 
Top Bottom