Uh, gee MacRumors. If you were hacked, why not email your members to change their passwords, instead of posting it on your front page. Not everyone checks your site on a daily basis.
Interesting. I use a Yahoo email for my profile on this site. I received a notification from Yahoo saying my account was locked due to suspicious activity. I was surprised, as I hadn't been doing anything with it in the last few days.
Wonder if they were trying to hack into my Yahoo account from data stolen here?
I use a different password for every site that I have an account, and several different user names across those various sites.
Ha, that's the exactly same thing that happened to me yesterday. So the hacker uses our emails registered with MacRumors and tried to get to Yahoo email accounts, using the same passwords. I didn't use the same password, so I guess they failed. But they could get into someone else account.
Did anyone else have the iMessage/FaceTime message or the Yahoo break-in attempt? I want to know if this was an active attack across accounts. Not good if you used the same password for everything before the attack.
Same problem here, I cannot get MacRumors to work with iCloud Keychain.
1. Latest version of Mavericks on MacBook Air.
2. iCloud Keychain will offer to generate a password for me (and it autofills the fields when offered).
3. Try to login on MacRumors and it will never autofill the fields.
4. Using latest version of Safari, I have "AutoFill user names and passwords" and "Allow AutoFill even for websites that..." checked in the preferences.
5. Disabling popup blocking, disabling Safari Extensions, and restarting Safari and the Mac did not help.
6. MacRumors does not show up in the Passwords section of the Safari preferences, nor in the Keychain Access app. In other words, it offered to save the password for me, generated a password for me, and filled it, but seems like it never saved it.
7. Also tried it on the iPad winning iOS 7.0.3, same deal there.
8. I have other sites that are working with iCloud Keychain (and are visible int he preferences and in Keychain Access, so I know it's not that the whole thing is not working.
Any ideas what I'm doing wrong?
Same here
I mean, will not be losing any sleep over this. Changed my pass. Thanks MacRumors for being open and honest.
And some of them might use same email and password on their bank/Paypal sites.
Just changed my password using the safari suggested password, and have done this for all my accounts recently. Really useful tool.
I decided to give icloud keychain a try, 3 passwords later and I've given up. Back to something I can remember.
Not MacRumors fault. People need to take ownership of their own lack of security practice.
If you don't know what happened there is nothing to announce. Maybe no personal info was accessed. If so, not a breach under most state laws.how ironic we just talked about this in ECommerce class today.
"should a company announce a security leak right away before the media gets wind of it or wait til they know what happened exactly and how to fix it?"
Someone explain to me why this is a big deal? In other words, so what if someone has my username and password here. So they can post as me and make snarky remarks about apple products?
It's not like my credit card info or SSNs are stored here. So what is the concern? Please explain.
Just checked and my old password was qwerty. Looks like I wasn't too concerned with security to begin with.
The scariest day in MacRumors history.
it's coming
arn
Someone explain to me why this is a big deal? In other words, so what if someone has my username and password here. So they can post as me and make snarky remarks about apple products?
It's not like my credit card info or SSNs are stored here.
Think it's a concern that they have your email too.
Some people may use the same password here and for other services that can be accessed with a email address, Paypal, google, apple App Store etc.
A lot of people will use the same email and pass code for other things. Many many years ago I did the same for my email account and eBay. I learned the hard way and thankfully it wasn't bad
So the bad guys will take thousands of emails and manually try various sites?
The worst they can do? Learn your email address, your user name, and your password. If your password wasn't created with a random generator, then they'd have an idea of how you choose your passwords. If you use the same username on any other sites, they'd likely be able to gain access to them. If any of those sites have security questions, they might be able to gain access to your answers. All of this information can be compiled and then used against juicier targets than web forums, where they can gain even more details about you. At absolute worst, this could lead to identity theft, leaving you to clean up a credit mess after a criminal went on a spending or activity spree, posing as you.Someone explain to me why this is a big deal? In other words, so what if someone has my username and password here. So they can post as me and make snarky remarks about apple products?
It's not like my credit card info or SSNs are stored here. So what is the concern? Please explain.
They will have automated methods to test matching credentials against target websites.