I had to change a few passwords due to this nonsense. I feel like someone owes me something if I complain loud enough. Darn those cyber criminals!!!

I've been using it for almost 9 years - ever since I had my Click2Pay ewallet compromised back when I foolishly used the same email/password combination on many sites. Probably have 60 or so entries of unique and very complex passwords, something I'd never attempt without a password manager.

As a result of this my email address was hacked and financial information was stolen and used.

The data was taken at the start of December, the group responsible have had over a full months head start.

+1 on KeePass: Easy to use. I have used it since about 2011

I have over 200 entries and every time I need to register for something new it only takes a few extra seconds to fire up a new entry and get a brand new unique password. And it's all there for the times I don't even go back to a site for months or years to remember everything for me.

And it's cross-platform. I use windows and android. There is something for chromebooks but I haven't tried that. The database syncs with dropbox or google drive or you can just copy it around manually. And the master password can be extended with a unique key file transferred offline.

Can anyone else confirm that leakedsource is legit? I am afraid that if I go to a site such as this I will be giving them information instead of checking what kind of personal info has been leaked.

Anyone had their skype hacked because of this? or suspect they've had it hacked?

My web security (McAfee) says that the website itself is clean, and the only information they requested was what I wanted checked, in my case my e-mail address, which they confirmed was compromised in this hack. They also confirmed my IP address and birth date were included in the hack.

I'm quoting my previous post because nobody from 2+2 answered my question. I think it behooves the Mods and management to respond to this, even though they obviously think they have bigger fish to fry, and I'm just one computer illiterate member. I imagine others here would be interested in the answer as well....

.

Mainly spam if you reset your password and did not use the old password elsewhere. I am not sure what good it does them to have the IP (other than to get a general location for you.) The birthdate is potentially an issue I guess since some people ask for it to verify that you are you...but imho that is a lousy way to identify someone. (All of this is just my opinion. I am sure there will be those with other opinions.)

2pairs, I think his concern re leakedsource is that if you enter an email that's not in their repository, they could be like, "Thanks, it wasn't in our repository, but it is now." No idea if they do that, but they're kinda scummy. OTOH, they have info from the two 2p2 hacks that the more altruistic site Haveibeenpwned.com doesn't.

Thanks Bobo, Aruj for adding your experiences - really appreciate the extra reassurances, because was using the password manager that came with Google Chrome until it started to seem like it might have gotten hacked? Had stored my credit card info on it, and someone tried to use it to make a large purchase. And then around that same time, started getting messages from Yahoo and iTunes that someone had tried accessing my accounts, and needed to change my passwords. So am not sure if it was the Google password manager that got hacked - but it seems like the only place where all that info could have be found?

After that, have been pretty shy about giving password managers another try. Although it sounds like others such as KeePass must be more secure, if no one else has had problems with password managers, so that's nice to know. And this article was pointing out that even if password managers have some vulnerabilities, it's probably better to have one than to stick with having a passwords that are sort of similar ... eg. <3Cats1, <3Cats111 (lol jk)

So will have to set one up tonight - thanks everybody!

both sites list completely different sites for my user name/e mail address being compromised, including some sites that im pretty sure I wasn't registered on. esp leaked source. Have I been pwned doesn't list 2 +2 either time for my user name or email.

I did try haveIbeenpwned and the sites they listed as having been compromised did make sense.

I haven't touched leakedsource yet.

Ive not had my Skype hacked but my PStars account was last night.

This site really need to step up its security. It this era were a lot of hacking is going on every site it ironing their security to battle any hacking. 2+2 site become a victim of hacking because of weak security feature.

And what should the thousands of banned accounts do?

#ReleaseTheBans

Installed the password manager yesterday, and used a password generator to create new ones - and now my password for 2+2 is so complicated, even i don't know what it is

So hopefully that's a step in the right direction There must be easier home computers to hack than ones with password managers - so am optimistic that'll help keep any potential hackers at bay.

Thanks again for the help everybody!