Make sure you check your passwords shared with old AGF

Post All Your Unrelated Stuff Here.
Post Reply
User avatar
honyock
Reactions:
Posts: 957
Joined: Wed May 27, 2020 2:27 pm

Someone from San Jose just accessed my defunct Hulu account which ashamed to say shared my AGF password and email. Fairly certain that email/password combo had not been compromised as I had changed my email and password after my Yahoo email had been compromised years ago and I made the mistake of reusing passwords back then.
10 years, 2 months, and 8 days of blissful ignorance ruined by that snake in the grass Major Tom.
User avatar
LightWingStudios
Site Admin
Reactions:
Posts: 1018
Joined: Wed May 27, 2020 11:34 am
Location: Titusville, FL U.S. of A.
Contact:

honyock wrote: Thu Jun 04, 2020 11:52 am Someone from San Jose just accessed my defunct Hulu account which ashamed to say shared my AGF password and email. Fairly certain that email/password combo had not been compromised as I had changed my email and password after my Yahoo email had been compromised years ago and I made the mistake of reusing passwords back then.
They use an SQL database as well and PWs are encrypted in the DB but Email Addies ARE NOT.
U.S. Manufacturer Of Musical Instrument Protection Accessories: AxeShield HD, AxeSak HD, AmpShield HD, KeyShield HD, PedalShield HD, MixShield HD, AxeGlove And AxeCap.

Visit Us At https://www.LightWingStudios.com

Email us at contact@LightWingStudios.com
User avatar
honyock
Reactions:
Posts: 957
Joined: Wed May 27, 2020 2:27 pm

lightwingstudios wrote:
honyock wrote: Thu Jun 04, 2020 11:52 am Someone from San Jose just accessed my defunct Hulu account which ashamed to say shared my AGF password and email. Fairly certain that email/password combo had not been compromised as I had changed my email and password after my Yahoo email had been compromised years ago and I made the mistake of reusing passwords back then.
They use an SQL database as well and PWs are encrypted in the DB but Email Addies ARE NOT.
so would someone be able to use a known plaintext attack to try to decrypt the passwords?

something like this page alludes to?

https://sqlity.net/en/1617/decrypting-e ... e-objects/
10 years, 2 months, and 8 days of blissful ignorance ruined by that snake in the grass Major Tom.
User avatar
mozz
Reactions:
Posts: 1117
Joined: Wed May 27, 2020 1:37 pm
Location: NE-PA.

I used to use the same passwords on forums and a Walmart account. Someone got ahold of it and bought some digital downloads, bank reimbursed me. I don't remember storing my credit card number on Walmart but it probably did by default. I know my password was stolen from a forum just don't know which one.
AGF refugee
User avatar
mozz
Reactions:
Posts: 1117
Joined: Wed May 27, 2020 1:37 pm
Location: NE-PA.

Still getting weird spam on the email address I used in private PMs. I use spamcop and the last 20 all have been from the same Google server.
Screenshot_20200604-130327.png
Screenshot_20200604-130307.png
AGF refugee
User avatar
MrM0964
Reactions:
Posts: 26
Joined: Wed May 27, 2020 1:56 pm
Gearlist: AGF join date - 1/13/13

My Hulu account got hacked this week as well, someone from Germany. My Spotify got hacked yesterday by someone in NYC. Shady shit going on here...
User avatar
mickey
Reactions:
Posts: 2704
Joined: Wed May 27, 2020 1:37 pm
Location: Wausau, Floriduh

mozz wrote: Thu Jun 04, 2020 1:09 pm Still getting weird spam on the email address I used in private PMs. I use spamcop and the last 20 all have been from the same Google server.
Screenshot_20200604-130327.pngScreenshot_20200604-130307.png
You are friends with Megan Markle? :)
Gandalf the Intonationer
User avatar
mozz
Reactions:
Posts: 1117
Joined: Wed May 27, 2020 1:37 pm
Location: NE-PA.

Yeah but we don't talk guitars. Mum is from England, haven't heard her growing up stories about lights out raids during WW2 in a while. Covid keeps me from visiting.
AGF refugee
User avatar
RiverDog
Reactions:
Posts: 376
Joined: Wed May 27, 2020 1:35 pm
Location: St Augustine, FL
Contact:

Interestingly, someone tried to access a Nintendo account I didn't even know I had. I don't know if the PW was the same as what I used on the .com site but it's quite possible. I was able to change my Nintendo PW and then I deleted my account.

This whole thing is sure looking a little fishy. How many members have had some kind of hack, etc. now?
Aaron
---------------
"What is perfect pitch?"
"Perfect pitch is when you toss a banjo into the dumpster, it hits an accordion and they both break."
User avatar
Flatline
Reactions:
Posts: 331
Joined: Wed May 27, 2020 4:38 pm
Location: Indiana

Setup two-factor authentication every account that you can. It isn't bullet proof, but will at least make it much harder to gain access to your accounts.
User avatar
honyock
Reactions:
Posts: 957
Joined: Wed May 27, 2020 2:27 pm

luckily it was a defunct account never used for anything but a free trial. but it did have my full name associated with it. I have updated my password, removed my namr, and moved the account email to a burner account not associated with anything but being a burner.
10 years, 2 months, and 8 days of blissful ignorance ruined by that snake in the grass Major Tom.
User avatar
Rollin Hand
Reactions:
Posts: 1443
Joined: Wed May 27, 2020 1:38 pm

Thanks for this -- just changed my PW here and at the old AGF. Just in case.
"I'm not a sore loser. It's just that I prefer to win, and when I don't, I get furious."
- Ron Swanson
User avatar
fullonshred
Reactions:
Posts: 505
Joined: Wed May 27, 2020 1:41 pm

Every so often I get the old "I know you were watching pron and I videotaped you and if you don't send me Bitcoin I will send the video of you wanking off to all your contacts."

I thought about sending a replay along the lines of "ooohhhh, what turn on that would be - go ahead". But I just block them instead.

I never reply but [mention]Raindog[/mention] has before.
User avatar
JimyTheAssassin
Reactions:
Posts: 170
Joined: Wed May 27, 2020 1:50 pm

Ya password change is a good idea. Fortunately no spam has shown up yet. It seems after checking AGF.com by browser that they have let security certificates lapse. So I strengthened my password.

I’m lucky that mine was unique to AGF. No spam yet


Sent from my iPhone using Tapatalk
AGF refugee11/30/08-5/28/20 (8,502 posts)
User avatar
tobijohn
Reactions:
Posts: 1735
Joined: Wed May 27, 2020 12:54 pm
Location: Palm Beach Gardens, FL

fullonshred wrote: Thu Jun 04, 2020 3:17 pm Every so often I get the old "I know you were watching pron and I videotaped you and if you don't send me Bitcoin I will send the video of you wanking off to all your contacts."

I thought about sending a replay along the lines of "ooohhhh, what turn on that would be - go ahead". But I just block them instead.

I never reply but @Raindog has before.
I usually respond with ""I've got vids of you f**ing your (father/mother/sister) so I guess we're even"...
Delightful mix of insolence, arrogance and narcissism
Proud RINO trapped in a heavy metal chassis
Growing up, only kid in the neighborhood with an Uncle Ahkbar
User avatar
Raindog
Reactions:
Posts: 226
Joined: Wed May 27, 2020 5:21 pm
Location: In a cave, Coldwater, AL, USA, Earth, Milky Way
Contact:

tobijohn wrote: Thu Jun 04, 2020 4:16 pm I usually respond with ""I've got vids of you f**ing your (father/mother/sister) so I guess we're even"...
I usually reply, asking for copies of the video to share with family and friends. I actually had one reply back a week after the first message, giving me a second warning and talking more sternly. The little bastard even called me F***face. What a wonderful world!
User avatar
brattmatter
Reactions:
Posts: 19
Joined: Thu May 28, 2020 6:30 pm

I use this for passwords. And change them as often as I can remember—which is not as often as I should. But they are all very secure and unique.

https://www.useapassphrase.com/
User avatar
fatjack
Reactions:
Posts: 418
Joined: Thu May 28, 2020 10:14 am
Location: chucktown SC

@mozz we probably heard very similar stories from our moms as mine is English as well.She was from Hungerford , Berkshire The 10st and I think 82nd airboure practiced jump on the commons outside of town.
Post Reply