this post was submitted on 14 Jan 2025
72 points (93.9% liked)

Privacy Guides

17335 readers
214 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.

You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...

Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!

This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.

Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
72
I don't know what to do with this information (lemmy.world)
submitted 2 weeks ago by [email protected] to c/[email protected]
6 comments fedilink hide all child comments
 
all 7 comments
sorted by: hot top controversial new old
[–] [email protected] 34 points 2 weeks ago (2 children)

I was going to glibly respond that you should change any compromised passwords. On reading the notification it doesn't seem like they have provided exactly which sites were affected, so I understand the question now, and can only suggest researching the Stealer Logs breach. Not particularly helpful sorry.

[–] [email protected] 23 points 2 weeks ago (1 children)
[–] [email protected] 33 points 2 weeks ago (2 children)

Yep, thats the blogpost from the owner of haveibeenpwnd regarding the email OP received.

OP, it seems like you have or had malware on one or more of your devices that has been logging all of your credentials to any services you signed into on the infected devices with the email address provided in the screenshot you shared.

we're talking about the logs created by malware running on infected machines. You know that game cheat you downloaded? Or that crack for the pirated software product? Or the video of your colleague doing something that sounded crazy but you thought you'd better download and run that executable program showing it just to be sure? That's just a few different ways you end up with malware on your machine that then watches what you're doing and logs it.

These logs all came from the same person and each time the poor bloke visited a website and logged in, the malware snared the URL, his email address and his password.

I would suggest running a malware scan on devices you use to log in with that email.

On a secure device, you should change the passwords for each service that you use that email with.

If 2FA is already enabled on any of these accounts, then it should be safe and I would ensure the device is not infected before changing the passwords or else the passwords will be stolen again when you sign in on the infected device.

It is likely any other accounts that were signed into on the infected device have had their credentials stolen too, you may not have those email addresses set up to receive this notification. Also you should notify anyone else who has used the infected device that their credentials were likely stolen too.

You can check if other emails have been comprised using https://haveibeenpwned.com/ and you can also check if passwords have been comprised there too.

[–] [email protected] 8 points 2 weeks ago

To add to this, here's what I would do personally:

For disinfecting devices, it's a process:

  1. Isolate the device, remove network cards if possible.
  2. Try to find out what kind of malware it is? Is it isolated to the OS? If it's infecting device firmware I'd just replace the whole device, otherwise move to next step.
  3. Copy essential data onto a removeable drive (USB)
  4. Wipe the drive and re-install the OS fresh.
  5. Full content malware scan of all files on the USB.
  6. Copy files back onto fresh OS.

Some additional things to do:

  1. Change relevant credentials.
  2. Enable Multi-Factor Authentication (MFA) wherever offered.
  3. If you're in the US and believe that financial info was compromised (SSN, bank passwords, etc.), freeze your credit and file 1 year fraud alerts with all major consumer reporting companies (Equifax, Transunion, Experian, etc.). This is free and quick as required by law.
[–] [email protected] 4 points 2 weeks ago* (last edited 2 weeks ago)

Very thorough explanation!
I'll add a basic info for @[email protected]: every service MUST have a different password (password manager almost mandatory with a VERY strong password and 2FA). If you're paranoid like me ( 🙈 ) use a different email alias for each service (SimpleLogin)

[–] [email protected] 3 points 2 weeks ago

if OP trusts their service, they can check the passwords they used with this email to find the compromised one and change it.

also, a significant number of ppl use one email per service. for example, they add stuff to google mail addresses or use yahoo disposable emails. those would know it from the email address in the mail.