Post Reply Account Hacked
31 cr points
Send Message: Send PM GB Post
31 / M / Texas
Offline
Posted 12/7/16
He tried to make two purchases and changed all my default languages to spanish.
Not that it's that big a deal, I changed everything back, but the emails are still in spanish, I can't find the option to change it in my settings so it makes me wonder how He was able to change it in the first place.
(-,-)> Dummy thought he was slick, if he wouldn't have changed my settings and started removing shows from my Queue I would have never noticed and if I had, would have let him continue watching shows, no big deal. But he HAD to mess with my stuff.
59746 cr points
Send Message: Send PM GB Post
31 / M / Dallas, TX
Offline
Posted 12/7/16

DarkAngelExcel wrote:

He tried to make two purchases and changed all my default languages to spanish.
Not that it's that big a deal, I changed everything back, but the emails are still in spanish, I can't find the option to change it in my settings so it makes me wonder how He was able to change it in the first place.
(-,-)> Dummy thought he was slick, if he wouldn't have changed my settings and started removing shows from my Queue I would have never noticed and if I had, would have let him continue watching shows, no big deal. But he HAD to mess with my stuff.


I hope, for your sake, you've changed your password to something that won't be compromised again.
Der Zoodirektor
26119 cr points
Send Message: Send PM GB Post
35 / M / Germany
Offline
Posted 12/7/16

DarkAngelExcel wrote:

He tried to make two purchases and changed all my default languages to spanish.
Not that it's that big a deal, I changed everything back, but the emails are still in spanish, I can't find the option to change it in my settings so it makes me wonder how He was able to change it in the first place.
(-,-)> Dummy thought he was slick, if he wouldn't have changed my settings and started removing shows from my Queue I would have never noticed and if I had, would have let him continue watching shows, no big deal. But he HAD to mess with my stuff.


Check the devices settings on Crunchyroll and remove any device you do not recognize.

According to haveibeenpwned.com your password was stolen in at least one major breach. It was shared in a pastebin in September. The pastebin indicates that your Netflix is compromised.
106583 cr points
Send Message: Send PM GB Post
57 / M / U.S.A. (mid-south)
Offline
Posted 12/8/16

DarkAngelExcel wrote:

(-,-)> Dummy thought he was slick, if he wouldn't have changed my settings and started removing shows from my Queue I would have never noticed and if I had, would have let him continue watching shows, no big deal. But he HAD to mess with my stuff.

You are fortunate they weren't that bright. Most account hijackers immediately change the e-mail address on the account and then change the password, locking the legitimate account holder out (since any password reset e-mails go to the new e-mail address).
31 cr points
Send Message: Send PM GB Post
31 / M / Texas
Offline
Posted 12/10/16
Yeah I noticed my Netflix was stolen first, they changed the Email and I called their customer support, I didn't notice Crunchyroll for quite some time, I noticed shows that I wasen't even interested in popping up in my History at times when I was clearly not watching. I cleared the History and waited, sure enough. So I changed my password, the shows kept coming up, that led me to the Devices tab, where I removed everything but my PS4.
Poor guy had nothing but apple and microsoft products, I should have put all his MAC addresses on pastebin...

Still, I want my emails in English, damnit. LULZ!
31 cr points
Send Message: Send PM GB Post
31 / M / Texas
Offline
Posted 12/10/16 , edited 12/10/16

eyeofpain wrote:


DarkAngelExcel wrote:

He tried to make two purchases and changed all my default languages to spanish.
Not that it's that big a deal, I changed everything back, but the emails are still in spanish, I can't find the option to change it in my settings so it makes me wonder how He was able to change it in the first place.
(-,-)> Dummy thought he was slick, if he wouldn't have changed my settings and started removing shows from my Queue I would have never noticed and if I had, would have let him continue watching shows, no big deal. But he HAD to mess with my stuff.


I hope, for your sake, you've changed your password to something that won't be compromised again.


I have a much more complicated password algorithm devised, but it depends on how they got the passwords that were in the pastebin, it's unlikely they got them from me directly, and the password was devised so bruteforcing would be retardedly troublesome. They had to have pulled them from a place I had used the password for.

Edit: Yep, Xsplit streaming software, one of the weaker all lowercase versions of that password. I mix that password up, sometimes all caps, still, imagine trying to brute force that password.. lulz! Days, and probably wouldn't even catch it running full cycle. It's a clever rework of the "Return to Castle Wolfenstein" game's cheat code "ixgwolf3d"
Der Zoodirektor
26119 cr points
Send Message: Send PM GB Post
35 / M / Germany
Offline
Posted 12/10/16 , edited 12/10/16

DarkAngelExcel wrote:

I have a much more complicated password algorithm devised, but it depends on how they got the passwords that were in the pastebin, it's unlikely they got them from me directly, and the password was devised so bruteforcing would be retardedly troublesome. They had to have pulled them from a place I had used the password for.

Edit: Yep, Xsplit streaming software, one of the weaker all lowercase versions of that password. I mix that password up, sometimes all caps, still, imagine trying to brute force that password.. lulz! Days, and probably wouldn't even catch it running full cycle. It's a clever rework of the "Return to Castle Wolfenstein" game's cheat code "ixgwolf3d"


Password length >>>>> password complexity.

Most password thefts go unnoticed, as the sites affected are small and not run by companies with staff dedicated to data security. That makes it hard to associate them to a specific site as well, as the sample size is really small.
This means that most of the thefts will only become known if a criminal with access to the data shares the information publicly. If it's not shared, there's a chance that the affected users will never find out that someone is reading their mail, consuming content with their accounts, etc.
31 cr points
Send Message: Send PM GB Post
31 / M / Texas
Offline
Posted 12/20/16
Yeah, my new password algorithm allows for much longer passwords that are still easy to remember.
Doesn't do shit to protect said passwords from a mass breach. If they've taken the username/email/password list of a website, it doesn't matter how long or complicated your password is, it's violated.
13091 cr points
Send Message: Send PM GB Post
☆Land of sweets☆
Offline
Posted 12/20/16
maybe it would be a good idea if Crunchyroll added 2-factor, like major companies such as Google and Amazon does.
even if someone takes your password, they can't do a thing without the code, and you'll be notified as soon as someone tries to break into your account. not sure about the costs of implementing this, however.
You must be logged in to post.