changing password - data breach?

Discussion about the Geocaching Australia web site
Post Reply
User avatar
ikkibrady
Posts: 80
Joined: 10 February 11 6:58 pm
Location: rosebud, victoria

changing password - data breach?

Post by ikkibrady » 14 January 21 12:00 pm

google is telling me that the gca site has had a data breach and i should change my password there asap? unsure on the truth but thought it was best i changed it anyway, i cant actually see where to change the password on the gca website. itll be somewhere simple i just cant find it?

User avatar
caughtatwork
Posts: 17015
Joined: 17 May 04 12:11 pm
Location: Melbourne
Contact:

Re: changing password - data breach?

Post by caughtatwork » 14 January 21 12:35 pm

It's in your user control panel (click your name at the top right)
ucp.php?i=ucp_profile&mode=reg_details

User avatar
CraigRat
850 or more found!!!
850 or more found!!!
Posts: 7015
Joined: 23 August 04 3:17 pm
Twitter: CraigRat
Facebook: http://facebook.com/CraigRat
Location: Launceston, TAS
Contact:

Re: changing password - data breach?

Post by CraigRat » 14 January 21 1:41 pm

Also, no data breach we are aware of.

just did a security checkup with google and it's not flagging my GCA email/accts with anything untoward.

User avatar
CraigRat
850 or more found!!!
850 or more found!!!
Posts: 7015
Joined: 23 August 04 3:17 pm
Twitter: CraigRat
Facebook: http://facebook.com/CraigRat
Location: Launceston, TAS
Contact:

Re: changing password - data breach?

Post by CraigRat » 14 January 21 1:47 pm

Without going in to details, have you used that username and/or password elsewhere??

Goggle will flag ANY password/username that has been found in breaches elsewhere and encourage you to change them.

Wording is a bit vague.

User avatar
ikkibrady
Posts: 80
Joined: 10 February 11 6:58 pm
Location: rosebud, victoria

Re: changing password - data breach?

Post by ikkibrady » 14 January 21 1:55 pm

No oddly enough I do t use that password anywhere else except the main gc website. Gca and gca forum were the only one flagged. Noo e else has mentioned it and apparently it was detected 17 days ago so I wasn't necessarily concerned. But just thkught I'd change just in case. Didn't realise you had to do it through the forum

User avatar
CraigRat
850 or more found!!!
850 or more found!!!
Posts: 7015
Joined: 23 August 04 3:17 pm
Twitter: CraigRat
Facebook: http://facebook.com/CraigRat
Location: Launceston, TAS
Contact:

Re: changing password - data breach?

Post by CraigRat » 14 January 21 2:38 pm

Similar issue here:
https://forums.geocaching.com/GC/index. ... nt=5858466

The messages shown LOOK like it's saying GC account is compromised, but if you look in to it you will find it's just saying they have records of that username AND/OR password in their compromise database and you should change anything that matches.

It's probably a good prompt for those reading this to maybe change a few passwords if you use them between sites, especially if you use the same usernames or emails!

User avatar
Richary
8000 or more caches found
8000 or more caches found
Posts: 4189
Joined: 04 February 04 10:55 pm
Location: Waitara, Sydney

Re: changing password - data breach?

Post by Richary » 14 January 21 8:21 pm

I find Chrome a bit annoying in that fashion as it flags password breaches on many internal sites at work, like when I type in an IP address to one of our microwave radios which could be 10.xx.xx.xx or 172.xx.xx.xx and it warns me I have compromised passwords. Which are probably because when people set them up initially they are flagged with the default password combination for that particular radio.

Tuena
6500 or more caches found
6500 or more caches found
Posts: 541
Joined: 17 November 06 11:38 am

Re: changing password - data breach?

Post by Tuena » 16 January 21 9:38 pm

CraigRat wrote:
14 January 21 2:38 pm
Similar issue here:
https://forums.geocaching.com/GC/index. ... nt=5858466

The messages shown LOOK like it's saying GC account is compromised, but if you look in to it you will find it's just saying they have records of that username AND/OR password in their compromise database and you should change anything that matches.

It's probably a good prompt for those reading this to maybe change a few passwords if you use them between sites, especially if you use the same usernames or emails!
Thanks for the prompt as I've always shared passwords across both sites.

When checking registered users on-line there was me & Bing [BOT]. Is the later of concern?

User avatar
caughtatwork
Posts: 17015
Joined: 17 May 04 12:11 pm
Location: Melbourne
Contact:

Re: changing password - data breach?

Post by caughtatwork » 18 January 21 9:24 am

No. PHPBB allows certain bots.

Post Reply