First  Prev  1  2  3  Next  Last
Post Reply Report: 2.5 Million Funimation Accounts Compromised in Data Breach
30000 cr points
Send Message: Send PM GB Post
83 / F / Bite the pillow.
Offline
Posted 2/22/17 , edited 2/22/17
According to the Anime News Network:

- http://www.animenewsnetwork.com/news/2017-02-22/report-2.5-million-funimation-accounts-compromised-in-data-breach/.112538

The "Have I been pwned?" and Vigilante websites, which check for database breaches, both list a data breach as having occurred on Funimation's website last July. "Have I been pwned?" reported that 2,491,103 accounts may have been compromised, while Vigilante puts the number at 2,513,525 accounts.

The compromised information purportedly includes usernames, dates of birth, email addresses, and passwords.

As of press time Funimation has not responded to ANN's request for comment on the supposed data breach.


It does list Funimation for the email address I used:

12998 cr points
Send Message: Send PM GB Post
☆Land of sweets☆
Offline
Posted 2/22/17
that sucks for Funi users. this is why you should always use a different pw for every site and use 2-factor authentication whenever possible.
12998 cr points
Send Message: Send PM GB Post
☆Land of sweets☆
Offline
Posted 2/22/17

Zavinus wrote:

I never understood why people do this. Do they just get a kick out of making an inconvenience for people?


selling personal information from millions of compromised accounts is likely a very profitable underground business.
23802 cr points
Send Message: Send PM GB Post
21 / FL
Offline
Posted 2/22/17
Im surprised you never know what will happen now and days.
105929 cr points
Send Message: Send PM GB Post
57 / M / U.S.A. (mid-south)
Offline
Posted 2/23/17
At least this gives us an idea of how much traffic Funimation sees vs. CR. When CR recently announced they had 1 million subscribers, they also noted they had 20 million registered users. I expect this was a full breach of the user database at Funimation, not a partial one.

Fortunately, it is noted by the Have I Been Pwned website that the passwords were salted SHA1 hashes rather than plain text. Changing ones password soon is still the proper course, but except for not truly random password that would be subject to a rainbow table lookup, it will take some time to crack.


For myself, I don't have much to worry about. I use unique randomly generated passwords for each site, and even the e-mail used for Funimation is used on only two other sites (and itself is an alias to an account that really isn't used for anything else, not the actual actual e-mail address they could log in with). My Funimation information isn't going to be very useful for gaining access to anything else.
43035 cr points
Send Message: Send PM GB Post
Offline
Posted 2/23/17

namealreadytaken wrote:


Zavinus wrote:

I never understood why people do this. Do they just get a kick out of making an inconvenience for people?


selling personal information from millions of compromised accounts is likely a very profitable underground business.


According to some reports I'd read a year ago not as profitable as you might think. They were saying things like this might only net a few hundred dollars. Compared to the amount of effort it's questionable if it's worth it unless you're doing it very large scale.
1749 cr points
Send Message: Send PM GB Post
30 / M / Azeroth
Offline
Posted 2/23/17 , edited 2/24/17
...............................................







5132 cr points
Send Message: Send PM GB Post
26 / M
Offline
Posted 2/23/17
A two factor authentication for this website would be nice. In this day and age just a password is not great for security no matter how complex you make it.
1329 cr points
Send Message: Send PM GB Post
27 / M / Colorado
Offline
Posted 2/23/17 , edited 2/23/17

namealreadytaken wrote:

that sucks for Funi users. this is why you should always use a different pw for every site and use 2-factor authentication whenever possible.


This.

14143 cr points
Send Message: Send PM GB Post
M / New Jersey
Offline
Posted 2/23/17
I'm not a developer, but there are plenty of examples on how to integrate Google Authenticator into a system. I have it enabled on quite a few non-Google sites. But they can't just have the web portal 2-factor, which someone could probably do in a week, they'd need to re-write their device apps to support it. And given how slow they can be in addressing app issues, well... the Amazon FireTV device is three years old, and they JUST announced support for it.
29069 cr points
Send Message: Send PM GB Post
20 / M / Bundaberg, Queens...
Offline
Posted 2/23/17 , edited 2/23/17

namealreadytaken wrote:

that sucks for Funi users. this is why you should always use a different pw for every site and use 2-factor authentication whenever possible.


i use over 100 different sites.....im not remembering all those passwords
29069 cr points
Send Message: Send PM GB Post
20 / M / Bundaberg, Queens...
Offline
Posted 2/23/17

An4thor wrote:

A two factor authentication for this website would be nice. In this day and age just a password is not great for security no matter how complex you make it.


This however i don't use them cause it means getting my phone and keeping it with me all the time
1329 cr points
Send Message: Send PM GB Post
27 / M / Colorado
Offline
Posted 2/23/17

Ryulightorb wrote:


namealreadytaken wrote:

that sucks for Funi users. this is why you should always use a different pw for every site and use 2-factor authentication whenever possible.


i use over 100 different sites.....im not remembering all those passwords


type them out in .txt and keep it somewhere.
494 cr points
Send Message: Send PM GB Post
23 / M
Offline
Posted 2/23/17

TheGrandAlliance wrote:

...............................................









I laughed way too hard at this
22376 cr points
Send Message: Send PM GB Post
56 / M / Texas
Offline
Posted 2/23/17
I just checked on my 2 e-mail addresses & congratulations ! My e-mail for Funi was hit but the e-mail for Crunchy wasn't . That must explain the spam folder on the web server being full of Viagra & Cialis spam... Not that I need that stuff .... really ...
First  Prev  1  2  3  Next  Last
You must be logged in to post.