40+ Passwords Found in Data Breach - Help Me Understand What Actually Happened
<blockquote data-quote="vaultedlogic" data-source="post: 1123382" data-attributes="member: 122066"><p>Hi all,</p><p></p><p>This has been stressing me out for months, and I’d really appreciate help from someone experienced in cybersecurity.</p><p></p><h3>What Happened:</h3> <ul> <li data-xf-list-type="ul">Aug 2024: iPhone alerted me that someone tried logging into my Apple ID.</li> <li data-xf-list-type="ul">Sept 2024:<ul> <li data-xf-list-type="ul">My Discord sent links to friends I never sent.</li> <li data-xf-list-type="ul">My Telegram also sent job scam messages in Russian via PostBot.</li> <li data-xf-list-type="ul">Got an email that someone tried logging into my Amazon.</li> <li data-xf-list-type="ul">Gmail showed a 2-week login session from Russia.</li> <li data-xf-list-type="ul">Google Password Manager said 40+ saved passwords were found in data breaches.</li> </ul></li> </ul><p>The accounts accessed mostly have reused passwords BUT some passwords were unique which made me confused...</p><p></p><h3>What I Did:</h3> <ul> <li data-xf-list-type="ul">Factory reset my PC (before scanning it unfortunately).</li> <li data-xf-list-type="ul">Scanned all devices.</li> <li data-xf-list-type="ul">Changed all important passwords.</li> <li data-xf-list-type="ul">Enabled 2FA wherever possible.</li> </ul><h3>What I’m Trying to Understand:</h3> <ol> <li data-xf-list-type="ol">How were unique passwords exposed if they weren’t reused anywhere?</li> <li data-xf-list-type="ol">Could this be malware, session/token hijacking, or password manager compromise?</li> <li data-xf-list-type="ol">Were my devices like my PC or phone hacked or is it a data breach thing, and if so how does it happen in the first place?</li> <li data-xf-list-type="ol">Is there any way to identify which site leaked my data or what caused this generally?</li> <li data-xf-list-type="ol">There are a million what ifs in my mind, so is there anything I should be worried about like future blackmailing, identity theft (identity scans were in my email at that time), etc?</li> </ol><p>No blackmail, leaks, or direct threats occurred up to this point but the situation has left me confused and paranoid because even a password to a private photos vault was in a data breach and I emailed the company and they said so suspicious activity was detected but I’m not sure how much I can trust that response.</p><p></p><h3>Separate Incident - Possibly related:</h3><p>February 2025, I plugged in an old flash drive that I never use and Windows Defender flagged it for two serious threats:</p><p></p><ul> <li data-xf-list-type="ul">Trojan:Win32/Astaroth!pz</li> <li data-xf-list-type="ul">Trojan:Win32/Ramnit.A</li> </ul><p>They were hiding in a fake RECYCLER folder from 2016. I didn’t run any files, and Defender removed them. Could be unrelated, but it added to the paranoia which made me think can this be related to what happened? Also what can these specific malware do, can they access a device's camera for example?</p><p></p><p>And even small things like I was checking if I had unknown apps on my phone by checking if they are still on the App Store and one of them I couldn't find on the App Store and it also made me think what if this is malware and so on.</p><p></p><p>I just want to understand what happened here, can anyone here make sense of how things probably played out? Can you know if it's a data breach thing or if my devices were hacked?</p><p></p><p>Thanking you guys in advance for your help!</p></blockquote><p></p>