Many users are finding that their favorite pages ask for a password change as soon as they log in. Does that mean they have been hacked?
For a few weeks now we have been dealing with a wave of hacker attacks affecting all kinds of services and applications, although most of these problems come from a single source: the attack on LinkedIn's servers in 2012.
It was such a large password theft, affecting 117 million accounts, that its consequences are inevitably felt in other services as well. We'll say it again: if you had a LinkedIn account four years ago, change the password for that account and for every account that shares that password.
Why are there websites that request a password change
Let’s be honest: you will do it, because you are an Omicrono reader, but most people haven’t even heard of the attack yet and keep using the same passwords for all their accounts. If Mark Zuckerberg does it, everyone does it.
If you don’t know anything about this case, or have only heard or read parts of it, you may be surprised to see that a website you use regularly is asking you to change your password for no apparent reason. It happened to me recently on Tumblr, a service that I don’t use often; when I tried to log into my account, I was asked to change the password immediately, with no other option.
It is not an isolated case. Many users are reporting that they have had to do the same in other services, and even some Facebook and Netflix users are receiving emails asking them to change their password as soon as possible.
Have Netflix and Facebook been hacked, and we have not been told? How is it possible that they know that we are in danger and that we have to change the password? There is a very simple explanation for all this: the security departments of these companies do not sit still waiting for the disaster to occur.
As pointed out in KrebsOnSecurity, some companies keep a close watch on what circulates in the Internet's underworld, looking for possible leaks of their users' data. If they discover that a website has been hacked and that many passwords have come to light, they take appropriate measures.
The tool that searches for password leaks on the Web
Companies know that we always use the same password, and that’s why, when they see a leak like this, they make sure we change it. Some companies even develop their own tools to track these types of leaks, as Netflix does with its Scumblr program.
Scumblr is an open-source project developed in Ruby on Rails that searches the Internet for possible personal data and stolen passwords, using sites like Google, Twitter or Facebook. It is important to analyze these social networks, because that is probably where we will see the first effects of a leak.
This tool also integrates with Sketchy to take screenshots of each identified result. With all this information, Netflix managers can send mass mailings to users potentially affected by the leak.
Scumblr has surely been used for LinkedIn’s latest password leak, and that’s why some users are getting notifications to change their password.
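An added example, not from the original article and not part of Netflix's Scumblr: one way a service could act on a leaked credential list once it has been found, by testing each leaked pair against its own salted password hashes and forcing a reset only where the password is still in use. The `email:password` dump format, the PBKDF2 parameters, and all names and sample data here are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed PBKDF2 work factor for this example

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)

def make_user(email, password):
    # The service stores only the salt and the derived hash, never the password.
    salt = os.urandom(16)
    return {"email": email.lower(), "salt": salt,
            "hash": hash_password(password, salt), "must_reset": False}

def parse_dump(text):
    """Yield (email, password) from 'email:password' lines; skip malformed ones."""
    for line in text.splitlines():
        email, sep, password = line.strip().partition(":")
        if sep and "@" in email and password:
            yield email.lower(), password  # passwords may themselves contain ':'

def flag_reused(users, dump_text):
    """Mark accounts whose current password appears in the leak; return their emails."""
    by_email = {u["email"]: u for u in users}
    flagged = []
    for email, leaked_pw in parse_dump(dump_text):
        user = by_email.get(email)
        if user is None or user["must_reset"]:
            continue  # not our user, or already flagged
        # Re-derive with this user's own salt, then compare in constant time.
        if hmac.compare_digest(hash_password(leaked_pw, user["salt"]), user["hash"]):
            user["must_reset"] = True
            flagged.append(email)
    return flagged

# Constructed sample data: a leaked list from another site (not real credentials).
SAMPLE_DUMP = """\
Alice@Example.com:linkedin2012
bob@example.com:hunter2
not-a-credential-line
dave@example.com:pa:ss:word
"""

def sample_users():
    return [make_user("alice@example.com", "linkedin2012"),   # reused password
            make_user("bob@example.com", "a-different-one"),  # in dump, password changed
            make_user("carol@example.com", "linkedin2012"),   # not in the dump
            make_user("dave@example.com", "pa:ss:word")]      # password contains ':'

if __name__ == "__main__":
    print(flag_reused(sample_users(), SAMPLE_DUMP))
```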