Advice Request 40+ Passwords Found in Data Breach - Help Me Understand What Actually Happened


vaultedlogic

New Member
Thread author
Apr 20, 2025
12
Hey, thank you so much for your help! Your explanation makes a lot of sense and your tips helped a lot. I entered my email in Hudson Rock and it said "This username is not associated with a computer infected by an info-stealer." "0 Compromised Personal Services" "0 Compromised Corporate Services" and I checked my email on Have I Been Pwned and it found my email in 4 really big data breaches. Based on that, would it be safe to say this was more likely caused by data breaches than an actual device hack?
That explains things unfortunately... I've mentioned
Hudson Rock's website provides that same message for every user name.

Hudson Rock is an "aggregator" of data and, unless the user name that you entered is absolutely unique, the website's free feature provides an aggregated, generic tally of data and the generic "infected by an infostealer" is not necessarily accurate. It is also the same with compromised passwords - Hudson Rock is aggregating the data that it scrapes and presenting it to you in an undifferentiated form.

Try entering "william@gmail.com" on the Hudson Rock website. 1,337+ "services" infected. That is because people all over the world use the username "william@gmail.com" without even having a "william@gmail.com" account, and those systems have been compromised in one way or another. There are other reasons too for the large "infected" numbers.

To be more sure, you need the Hudson Rock report that lists your specific device name (at the time of infection) and your exact public IP address. (You can try the "Hudson Rock Free Report" option at the top of the page.)

Enter your public IP address into Hudson Rock's free online tools instead of your username. You will still receive an "aggregated" set of numbers of data collected across many, many data sources.

You need the Summary of Infections report (example):


It is wrong to conclude that whatever happened to your devices was due to a data breach. That is just a very imprecise guess. There is insufficient information to make that determination. The only definitive, accurate answer can be determined by a forensic investigation of both the devices and cloud resources.

If it was a data breach, you don't know where the breach occurred, and therefore you need to close every single one of your online accounts and open new ones. Just changing logon credentials can be "not adequate." At the very least you should report that you think your data has been compromised and report it to every single online account that is valuable to you.
I tried all my emails; only the infected email showed that it was compromised. Also, the date is accurate, on point, and the device name too.
 

vaultedlogic

New Member
Thread author
Apr 20, 2025
12
Wrecker4923 has some great advice, follow it and you will go far in securing your digital identity!

Personally, if you're running Windows I would run a FRST scan and post it on this forum or another malware help forum. With your iPhone, only Apple has the access to determine if you have been pwned; they lock it down very tight and don't let 3rd-party tools have high-level access. Reset the device just to be sure, but a good tip is to shut down or restart your mobile device once a day because most sophisticated mobile malware can't survive a reboot due to fear of getting caught. Now of course there is malware out there that survives a reboot, but if you're infected by it you have more to worry about.

Info stealers are most likely looking for crypto wallets and keys these days. All the best hacks are coming from that industry. If you have any holdings, monitor your wallet.
Thanks for your advice! As soon as things happened I called a local malware place and they told me there's nothing to worry about because in most cases they try to gain something financial only by looking for crypto wallets or Amazon cards and all that.
 

vaultedlogic

New Member
Thread author
Apr 20, 2025
12
Hudson Rock's website provides that same message for every user name.

Hudson Rock is an "aggregator" of data and, unless the user name that you entered is absolutely unique, the website's free feature provides an aggregated, generic tally of data and the generic "infected by an infostealer" is not necessarily accurate. It is also the same with compromised passwords - Hudson Rock is aggregating the data that it scrapes and presenting it to you in an undifferentiated form.

Try entering "william@gmail.com" on the Hudson Rock website. 1,337+ "services" infected. That is because people all over the world use the username "william@gmail.com" without even having a "william@gmail.com" account, and those systems have been compromised in one way or another. There are other reasons too for the large "infected" numbers.

To be more sure, you need the Hudson Rock report that lists your specific device name (at the time of infection) and your exact public IP address. (You can try the "Hudson Rock Free Report" option at the top of the page.)

Enter your public IP address into Hudson Rock's free online tools instead of your username. You will still receive an "aggregated" set of numbers of data collected across many, many data sources.

You need the Summary of Infections report (example):


It is wrong to conclude that whatever happened to your devices was due to a data breach. That is just a very imprecise guess. There is insufficient information to make that determination. The only definitive, accurate answer can be determined by a forensic investigation of both the devices and cloud resources.

If it was a data breach, you don't know where the breach occurred, and therefore you need to close every single one of your online accounts and open new ones. Just changing logon credentials can be "not adequate." At the very least you should report that you think your data has been compromised and report it to every single online account that is valuable to you.
What would be the point of reporting that my data has been compromised aside from reporting to my bank for example?
 

vaultedlogic

New Member
Thread author
Apr 20, 2025
12
Wrecker4923 has some great advice, follow it and you will go far in securing your digital identity!

Personally, if you're running Windows I would run a FRST scan and post it on this forum or another malware help forum. With your iPhone, only Apple has the access to determine if you have been pwned; they lock it down very tight and don't let 3rd-party tools have high-level access. Reset the device just to be sure, but a good tip is to shut down or restart your mobile device once a day because most sophisticated mobile malware can't survive a reboot due to fear of getting caught. Now of course there is malware out there that survives a reboot, but if you're infected by it you have more to worry about.

Info stealers are most likely looking for crypto wallets and keys these days. All the best hacks are coming from that industry. If you have any holdings, monitor your wallet.
Will do, thanks for your advice! It seems like it's my PC only, because when I enter my email on Hudson Rock I get my exact PC model. Also yes, that's what many people told me: it's more likely just an infostealer thing for financial gains, and if nothing has happened so far like blackmailing or identity theft I'll most likely be good to go (it's been about 7 months). Lastly, do you think things like this can access cameras, or would that be an advanced case of hacking which is not likely to happen to the average person?
 

bazang

Level 15
Jul 3, 2024
708
What would be the point of reporting that my data has been compromised aside from reporting to my bank for example?
Because attackers can still gain access via credential stuffing, brute force, and others.

LOL, your email accounts might have been configured with redirects where the attacker receives copies of your emails.

There are other things too. Too long of a list for here.

Attackers can do just about anything because you still have no idea of what actually happened. Your accounts might still be compromised - and co-opted or used for malicious purposes.
 
