Data Breach

[mindless1]

I don't usually use Chrome browser on ATF, but today I did and upon going to ATF, I get this Chrome (generated) pop up warning that both

anandtech.com
mindles...***********
Found In Data Breach
Just Now

forums.anandtech.com
mindles...***********
Found In Data Breach
Just Now

Is this something everyone else knew about and I'm late to the party because (maybe) my main use browser on ATF apparently blocks some popup notifications?

Chrome also listed a very old Yahoo account is breached, but that account hasn't been used in ages, has nothing in common with anandtech.

I'm unfamiliar with this Chrome password check feature, never saw it before but it looks legit? I mean it's not going to some 3rd party site trying to get me to input my password, is showing as a URL of chrome://settings/passwords/check?start=true

 

[UsandThem]

I haven't personally encountered any data breaches here with my info, but maybe you have Google set to check your stored email and passwords to see if they have shown up anywhere they shouldn't have? Yahoo email has had multiple data breaches, and I quit using them 3-4 years ago because it happened multiple times. My wife kept using her Yahoo account for several years after that, and she received notification that there were additional data breaches. If you still use the Yahoo account, change the password immediately. If not, be sure to close the account after changing the password.

Here's the setting in Google Chrome:



Also, if you browse the forums using the Chrome browser, install an ad blocker because otherwise the forums are almost un-browsable because of some of their "ad" partners. Like the "You won a Walmart gift card" pop-ups that hijack your browser.

 

[mindless1]

I just changed PWs on both Yahoo and ATF when I got the notification.

I didn't make any effort to have Chrome check passwords. The setting you show above is enabled by default on Chrome version 86.0.4240.193 (Official Build) (64-bit). I am fairly sure I've been on ATF with Chrome in the past few months, with a version of Chrome new enough that it should have had this PW check feature already, but I've no idea if it might have been off by default and a recent version switched it on by default.

Just seems strange that the Anandtech PW would be compromised, maybe something happened that staff is not aware of yet? Granted it was not a very strong password but now is.

 

[UsandThem]

Just seems strange that the Anandtech PW would be compromised, maybe something happened that staff is not aware of yet? Granted it was not a very strong password but now is.

I've dealt with several data breaches over the years; Home Depot, Target, Yahoo, etc.

I've never had anything related to Anandtech. That said, I also set a different password for every website I am registered to, so there are never any duplicates (which cuts down on this sort of thing). I also have Two-Step verification enabled in my Anandtech Forums account, so I have to enable devices every 30 days (or when I sign into a new device for this first time).

 

[Spacehead]

Could it have something to do with Chromes “Safety Check”?

Starting with 86, Chrome’s “Safety Check” supports the “.well-known/change-password”
standard. This is a W3C standard that allows websites to specify the URL where users can go to change their passwords.
Chrome 86 adding support for this standard means that users can press a button in the Chrome password settings screen and go directly to that page to change the password right away, rather than needing to search through a website's complicated structure.

Got the above quote from Security Now podcast #788
https://www.grc.com/sn/sn-788-notes.pdf - starts on page 15

 

[mindless1]

^ Don't know, it'd make sense as far as the version # except that I use Chrome daily (just not on ATF) with it set to auto-update, so I had to have v86 for the last month (? released Oct 6th), and it did read "Found In Data Breach".

 

[Steltek]

There was a data breach here in the forums 4-5 years ago (I remember reading a thread on it, and they did a forced password expiration for users). The password database was supposedly encrypted, but I also vaguely recall that one or more folks using the same login/password on other sites may have claimed in the thread here that those accounts were compromised after the breach.

It may be that the old breach was recently added to Chrome's security database.

EDIT:
It happened in 2016. The prior thread on the incident is here.

 

[UsandThem]

I forgot all about that.

It only affected me in the sense I had to change my password after they required it to be changed upon logging in.

 

[mindless1]

Thanks for that but I doubt this is something 4 years old, I've let chrome do its thing to update all along so it may be some chrome change.

BUT, you never know... I'm glad to have a problem only on my end rather than a site wide breach, but someone notices some something random whatever first... lol, if nothing else this serves as a notification that chrome might be causing false positive breach warnings on ATF.

I'm good, just fishing for whether there might be more to this than google farting on itself again.

 

[pcslookout]

My password is really long at least 31 characters.

 

[AnitaPeterson]

I just had the same warning from Chrome about a supposed AT "data breach" from "4 days ago" - which would mean March 5.