Quote:
Originally Posted by kb5zcr
I understand the point, but I still think that some info could be released, i.e. the Ip address was in Florida, or China, or wherever. It just seems like there should be more info than "We were hacked, about this date, change your password"
As someone in the information security industry, releasing this information would provide no value (if it's even available, the originating IP may not have been logged or if it was logged the log may have been deleted.) Any low level hacker will be utilizing someone elses already compromised PC - it could very well be yours and you wouldn't know it. At a minimum they won't "attack" from "out in the open" via their home.
Investigations take a long time and for breaches like this the cost of an in depth one isn't worth it. Not saying that no investigation is being done , just basing it off of my experience. The only thing likely known at this point is that there was a breach and as stated, you should change your password. Also, change your passwords on other sites if you used the same username/password combo.
For critics of this being another breach, you severely (and i really mean severly) underestimate the number of breaches you don't hear about. Ignorance can be bliss.
Assume the person/people that were successful in this attack are reading these posts and are looking to leverage your account for more monetary gains (i.e. using your 2p2 username/password to login to your online banking.)
Quote:
I am a noob.... What does this mean for your average Joe?
Should we change anything else other than our passwords? IE is it feasible for someone to have my bank details now?
If you were using the same password (especially username/password combo) you should go ahead and change your online banking password. Never reuse passwords for sites that have any $$$. If your bank offers two factor authenticaction, use it.
As for the average Joe, this probably doesn't mean much. Data breaches happen daily. Just don't reuse your credentials across websitea, email services, etc. Companies overall are just really behind the ball when it comes to security and often times something small goes overlooked which allows a breach to happen.
(I'm in no way affiliated with 2+2, just wanted to chime in here)
Last edited by Chuckled; 01-14-2017 at 01:30 AM.