It was only a matter of time.
In the past few weeks, the 713 million login credentials that were stolen from separate attacks on Myspace, Tumblr, LinkedIn, and others have been put up for sale online. Now, it appears that hackers have purchased those credentials and are using them to attempt to break into other sites, notably Carbonite, a cloud backup service, and GoToMyPC, a remote login service, according to SC Magazine.
Luckily, Carbonite was alerted of unauthorized attempts to access user accounts. They swiftly sent an email to customers saying, “This activity appears to be the result of a third party attacker using compromised email addresses and passwords obtained from other companies that were previously attacked. The attackers then tried to use the stolen information to access Carbonite accounts.”
There is no evidence that Carbonite itself was breached.
Carbonite required all customers to update their passwords. If you are a Carbonite customer and you haven’t done so already, you should login and change your password immediately. For some customers, usernames and passwords were exposed and for others whose accounts were actually accessed by a hacker, their private backed up data was exposed.
Carbonite also mentioned, “In addition to our existing monitoring practices, we will be rolling out additional security measures to protect your account, including increased security review and two-factor authentication [which we strongly encourage all customers to use].”
For help resetting your Carbonite password, follow this link.
Because we are an authorized reseller of Carbonite, we understand that many of our customers are also Carbonite customers. If you have any questions or concerns, please call us at (806) 350-8324.
And if you want to know if your email address has been involved in any data breach, visit haveibeenpwned.com.