Teams
Forum List
Toggle sidebar

Email about changing password?

CyCloned

CyCloned

Well-Known Member
Oct 18, 2006
13,534
6,883
113
Robins, Iowa
I received this e-mail today. Should I be changing my password or is this spam? I am assuming this is Cyclone Fanatic.

Hello CyCloned,

We take privacy seriously at Disqus. We are emailing to inform you about a potential security matter.

*What happened?*

A snapshot of our user data from 2012 has been exposed. We were alerted to this issue on Thursday, October 5th and worked as quickly as possible to investigate and to contact the affected users.

*What information was involved?*

Your email linked to your Disqus account and Disqus username, as well as your password (hashed using SHA1 with a salt; not in plain text) may have been included. Right now there isn’t any evidence of unauthorized logins occurring in relation to this, but it is possible for this data to be decrypted (even if unlikely). Out of an abundance of caution, we are requiring you to change your Disqus password.
 
jdoggivjc

jdoggivjc

Well-Known Member
Sep 27, 2006
59,526
21,042
113
Macomb, MI
CyCloned said:
I received this e-mail today. Should I be changing my password or is this spam? I am assuming this is Cyclone Fanatic.

Hello CyCloned,

We take privacy seriously at Disqus. We are emailing to inform you about a potential security matter.

*What happened?*

A snapshot of our user data from 2012 has been exposed. We were alerted to this issue on Thursday, October 5th and worked as quickly as possible to investigate and to contact the affected users.

*What information was involved?*

Your email linked to your Disqus account and Disqus username, as well as your password (hashed using SHA1 with a salt; not in plain text) may have been included. Right now there isn’t any evidence of unauthorized logins occurring in relation to this, but it is possible for this data to be decrypted (even if unlikely). Out of an abundance of caution, we are requiring you to change your Disqus password.
Click to expand...

I got something similar from "Yahoo" today (that someone from Brazil logged onto my Yahoo account from a 3rd party app). Honestly, I wouldn't trust anything from an email - that's called "spear phishing" - sending out something that looks legitimate to try and collect names, passwords, etc, and they likely have a very convincing "spoof site" set up that the links in the email will take you to in order to collect that info.

If you are worried, I'd log into Disqus and change your password and such there - not follow any links.
 
jdoggivjc

jdoggivjc

Well-Known Member
Sep 27, 2006
59,526
21,042
113
Macomb, MI
And yeah - just looking at my Yahoo account security stuff, it looks like it was a spearphishing attempt (although it's pretty convincing that they connected it with my primary email address)
 
You must log in or register to reply here.

Latest posts

Help Support Us

Become a patron
Top Bottom