Post Reply 2 mail in 1 week regarding password reset
1005 cr points
Send Message: Send PM GB Post
Offline
Posted 8/7/16
One in 1 agust and another in 5 agust I got mail from crunchy roll asking I should reset my password. Mail claims that my password exposed to public and should be changed with link forwarding to cruncyroll's reset password page.

One thing draws my suspicion was in explanation there was link to news website with article says " hackers breached ps3 and amazon accounts". I followed the link and the article was dated to 2014. Also cruncyroll account is not psn or amazon account. Other that this, sender seems offical cruncyroll.

tl;dr , If this happened to someone else too, I want to be sure this not a spam and I should reset or delete account b/c vulnerability issues are real.
13119 cr points
Send Message: Send PM GB Post
☆Land of sweets☆
Offline
Posted 8/7/16
there's a chance it was a phishing attempt. if you reset your info, always do so my manually visiting the official CR page, instead of clicking on any links. and always triple-check to make sure it's not a fake site pretending to be CR.
106603 cr points
Send Message: Send PM GB Post
57 / M / U.S.A. (mid-south)
Offline
Posted 8/7/16

shameness wrote:

One thing draws my suspicion was in explanation there was link to news website with article says " hackers breached ps3 and amazon accounts". I followed the link and the article was dated to 2014. Also cruncyroll account is not psn or amazon account. Other that this, sender seems offical cruncyroll.

The reason PSN or Amazon accounts being hacked is relevant to CR is that many people reuse the same password, or at least a variation of it.

13119 cr points
Send Message: Send PM GB Post
☆Land of sweets☆
Offline
Posted 8/7/16

TheAncientOne wrote:
The reason PSN or Amazon accounts being hacked is relevant to CR is that many people reuse the same password, or at least a variation of it.


i facepalm when i see reports of people being hacked and the most common passwords are "123456" and "passw0rd"
it's not hard to keep separate passwords for different services. having 2-factor authentication is ideal when available, though sms based authentication is apparently vulnerable to hacking.
maybe having CR use 2-factor could be a good idea, at least as an option to paying users, idk.
Amazon does it, and it gives me peace of mind :p
106603 cr points
Send Message: Send PM GB Post
57 / M / U.S.A. (mid-south)
Offline
Posted 8/8/16

namealreadytaken wrote:

maybe having CR use 2-factor could be a good idea, at least as an option to paying users, idk.

It would be, but I honestly don't expect it to be offered anytime in the foreseeable future. After all, CR hasn't implemented something as simple as sending an e-mail to the old e-mail address when the e-mail address on an account is changed. (They only send an e-mail to the new address).

Der Zoodirektor
26133 cr points
Send Message: Send PM GB Post
35 / M / Germany
Offline
Posted 8/8/16

shameness wrote:

One in 1 agust and another in 5 agust I got mail from crunchy roll asking I should reset my password. Mail claims that my password exposed to public and should be changed with link forwarding to cruncyroll's reset password page.

One thing draws my suspicion was in explanation there was link to news website with article says " hackers breached ps3 and amazon accounts". I followed the link and the article was dated to 2014. Also cruncyroll account is not psn or amazon account. Other that this, sender seems offical cruncyroll.

tl;dr , If this happened to someone else too, I want to be sure this not a spam and I should reset or delete account b/c vulnerability issues are real.


We've changed the passwords of some users recently based on reports of compromised accounts by the community, and there is a chance that yours was reset on multiple occasions due to appearing on multiple lists. What you are quoting sounds like our default email for that case.
1005 cr points
Send Message: Send PM GB Post
Offline
Posted 8/9/16
@namealreadytaken - As you suggested, I didn't followed the link, I reset password manually.

@shinryou - Thanks for information, that's makes sense now. Second mail was break point left me confused.
You must be logged in to post.