Reverb Data breach

[dfcas]

Anybody else get an email from Reverb about this? Of course it says financial data was not visible, but I'm pretty concerned.

[nursers]

Anybody else get an email from Reverb about this? Of course it says financial data was not visible, but I'm pretty concerned.

 

I've had nothing from them so far...

[Doerfler]

Yes. Seems like I get emails like this every week now. Life in the 21st century

[KuruPrionz]

Yes, I got it. Will change my password.

I sold 5 or 6 things a couple years ago. I've only purchased one item so far. There/s not much to know about me that has value commiserate with the effort required.

 

For me, Reverb is a place to sell certain music gear since things tend to go higher than eBay. Once in a while it is a great place to buy as well.

If you know the ins and outs, one can consistently get better prices on eBay when buying and sometimes when selling but that is very item dependent and how you structure an auction.

[RABid]

Oops. They have not contacted me because I have not changed my email address on my Reverb account.

[Iconoclast]

Anything you put on the internet will eventually be stolen.

 

Anyone who thinks their data is ever secure is fooling themselves.

 

I mean the Chinese hacked all the security clearance background check info for the entire military about 10 years ago. You put your entire life on those background check forms.

[KuruPrionz]

Anything you put on the internet will eventually be stolen.

 

Anyone who thinks their data is ever secure is fooling themselves.

 

I mean the Chinese hacked all the security clearance background check info for the entire military about 10 years ago. You put your entire life on those background check forms.

 

It's almost 2 years ago now but Facebook admitted that 50 million accounts were hacked. You have to wonder how many have been hacked since then but they will no longer admit it.

I haven't been on Facebook for about 3 years or so.

 

I've always known that I can/will and have been hacked. I'm just not very interesting to a hacker. I'm not well connected or wealthy or the founder of a well populated web following.

[Fleer]

They got me too. Fun ahead.

[Docbop]

Yes. Seems like I get emails like this every week now. Life in the 21st century

 

I'd say there is probably not a company (or country) that hasn't been hacked at some level anymore. Then a whole world of intentional incorrect data being put into records to make more money is a mess too. As the quote above says Life in the 20th, 21th centuries and on.

 

My bank keeps trying to get me to do online banking and I won't do it. They ask why and I tell them I used to work for a bank in the data center and I know what the security is like. They stop asking me after that. My last job before retiring was a small financial company, I started everyday reviewing the security logs from the night before. Always full of attempts typically from IP's in other countries.

[GRollins]

A few months ago, there was some discussion in a thread here about security. A member was going on about how their password was secure because they used some sort of middleman service that scrambled things. I said you're not secure. They told me I just didn't understand and went on to describe the sales patter from the service. I said it's not your one, measly password they're after--it's much more efficient to hit the business and get a hundred thousand or ten million accounts when some nitwit leaves the default password on a server. The bad guys can just waltz in the back door; your super-duper password security didn't mean diddly-squat. My point sailed right past the member--they went back to saying how secure their password was.

 

I gave up.

 

Wonder if that member has a Reverb account and how they feel about their hoity-toity password service now.

 

There's a small voice in my head that's asking if this would have happened if Reverb hadn't been sold. Have the new owners cut IT corners? We'll never know.

 

Grey

[analogika]

Anything you put on the internet will eventually be stolen.

 

Anyone who thinks their data is ever secure is fooling themselves.

 

I mean the Chinese hacked all the security clearance background check info for the entire military about 10 years ago. You put your entire life on those background check forms.

 

It's almost 2 years ago now but Facebook admitted that 50 million accounts were hacked. You have to wonder how many have been hacked since then but they will no longer admit it.

I haven't been on Facebook for about 3 years or so.

Just a note on that: In keeping with what we know about Facebook's publicity tactics (and as predicted by some pundits at the time), the actual breach was TEN TIMES worse â we have since learned that more than 500 million accounts were scraped.

[KuruPrionz]

Anything you put on the internet will eventually be stolen.

 

Anyone who thinks their data is ever secure is fooling themselves.

 

I mean the Chinese hacked all the security clearance background check info for the entire military about 10 years ago. You put your entire life on those background check forms.

 

It's almost 2 years ago now but Facebook admitted that 50 million accounts were hacked. You have to wonder how many have been hacked since then but they will no longer admit it.

I haven't been on Facebook for about 3 years or so.

Just a note on that: In keeping with what we know about Facebook's publicity tactics (and as predicted by some pundits at the time), the actual breach was TEN TIMES worse â we have since learned that more than 500 million accounts were scraped.

 

No surprises here. As I said, I am not on there and have not been on there for 3 years or so. Which doesn't mean I haven't been hacked. Like DocBop, I also refuse to engage in online banking. I've never used my phone for anything but talk or text.

No internet, all possible Google it shut off, no passwords etc. Which means my phone has probably been hacked for the Contact list but there isn't much else to find.

 

They can hack me here, but I am not me and all I do is post nonsense so I'm not sure what they would get out of it. Still on eBay, still using PayPal sometimes and a member of Reverb also so I am not safe by any means.

The only truly safe maneuver might be to live in a cave and eat sticks and dirt, I'm not quite ready for that yet.

 

Of course, another biggie is the Medical universe and all the "Patient Portal" bs that comes with it. I have to log in to see what I owe somebody, I always print the invoice and mail them a check. I've never used a bank account on those sites.

For all we know, they could have been created by hackers, who now do not have to hack you anymore, they just get your information by your own free will (and lack of caution).

[Markay]

Well having recovered from the recent MS Exchange server breach we put in place some additional authentication steps to slow down and frustrate whatever comes next. But now the black hats have worked out how to circumvent the admin PW requirement, and the FBI are using this back door to kill web shells in unpatched US resident MS Mail servers I now work on the assumption that all my bases be someone elses.

[DJkeys]

Anybody else get an email from Reverb about this? Of course it says financial data was not visible, but I'm pretty concerned.

 

I did yesterday. It went into my SPAM folder, so I wasn't sure it was real. Good to know-

 

-dj

[ProfD]

I received the Reverb email too. Changed my password and hope for the best.

 

I've never believed our information is totally "safe" regardless of whether it's digital or papyrus.

 

Once we have written something down and/or shared it, there's potential for compromise.

[Muad’Dib]

I did!

[Joe Muscara]

This is actually one of the reasons I usually sign up with a disposable email address. If hackers get that, I can change the email I use with that company to another disposable address (probably starting with "reverb2." etc.) and turn off the first one so all those emails get eaten and never seen.

[Docbop]

This is actually one of the reasons I usually sign up with a disposable email address. If hackers get that, I can change the email I use with that company to another disposable address (probably starting with "reverb2." etc.) and turn off the first one so all those emails get eaten and never seen.

 

 

I got into using multiple email addresses a long time ago, first for fun, then for organization of topics like music, tech, percy. Then it split into email addresses using nicknames and they divided into personal and websites. Also the names I use on websites vary from nicknames to different spellings of my name. Also a habit I got into in late 80's with internet is a set of personal data that is made up. So I have my real data for legal things and my set of made up data that I've used so long sometimes I forget which is which. It has caused me a problem now and then, once with government, but in general works. At my old house the postal carriers gave up on all the different names and business names I got mail as. Some of this came from when I was working in Marketing and would sign up for mailing lists with names I made up to track whose selling my info to other mailing lists. So who am I sometimes I'm not even sure.

[elif]

...and for online accounts that require security questions, don"t use real data for answers that can be researched. Use nonsense or random data.

 

In what town or city did you grow up? ShiKahr

What was yours mother"s maiden name? BR549

 

Of course, these must be remembered. But so do any answers you provide. A PW manager helps.

[KuruPrionz]

...and for online accounts that require security questions, don"t use real data for answers that can be researched. Use nonsense or random data.

 

In what town or city did you grow up? ShiKahr

What was yours mother"s maiden name? BR549

 

Of course, these must be remembered. But so do any answers you provide. A PW manager helps.

 

PM is one way.

I put any important passwords on a list I have, which is called something completely different and wrong.

That list is not on my computer, it's on a USB thumb, an SD card and an external HD that is only plugged in briefly for storage or (rarely) password reference. All of my passwords are different.

 

None of this is foolproof. Hackers gonna hack.

[dfcas]

I'm an old geezer. I keep mine in a notebook, written in pen and ink.

[Doc Tonewheel]

Just a warning!!! If you sell on Reverb now, the ONLY way to get money is for them to wire it directly into your checking account, which means you need to provide all your account information. I canceled my account for this reason. Also, watch out for small charges in your checking account in the next few months (like $1.25 from Amazon). These can be testing attempts by hackers to see if they will go through, to be shortly followed by a clean out of your bank account.

[Doerfler]

Everyone should be using 2 step authorization for online banking. This will eliminate paranoia

[GRollins]

Also, watch out for small charges in your checking account in the next few months (like $1.25 from Amazon). These can be testing attempts by hackers to see if they will go through, to be shortly followed by a clean out of your bank account.

 

For years, I have paid all bills from my checking account but only keep $50 in that account by default. When I have bill (e.g. credit card), I move exactly the amount of money I need to pay the bill from savings to checking at the last moment, then initiate payment. Since the only account anyone knows is my checking, my savings account cannot be drawn down (at least that way...). If they hit my checking, the most they'll get is the $50.

 

Grey

[GRollins]

Oh, and I also religiously keep a spreadsheet of every penny I spend. If the credit card balance doesn't match my spreadsheet, I know something's up. To me, that's just common sense, from any number of points of view, but I don't know a single person aside from myself who does it.

 

Grey

[Joe Muscara]

Oh, and I also religiously keep a spreadsheet of every penny I spend. If the credit card balance doesn't match my spreadsheet, I know something's up. To me, that's just common sense, from any number of points of view, but I don't know a single person aside from myself who does it.

 

 

I've been using an app to do that. It's called Banktivity. Before that I used one you might have heard of called Quicken. Not only for CC balances, but bank accounts and investing as well. OTOH, my dad used to say that my grandmother would just take the monthly statement from the bank and that's what she presumed she had in her account. This was in pre-internet days so she'd be off by however many checks she spent, etc.

[GRollins]

My mother got into Quicken like it was a religion. Tried to convert me. I said I was happy with my spreadsheet (which I've been doing for, like, thirty years or more). I swear I thought she'd cry. That Quicken thing really got hold of her. I'm sure it's great, but my spreadsheet works for me. I've got everything in there. Credit cards, income, expenditures, etc. A one stop shop for keeping up with what's going on.

 

My ex wouldn't even look at her statements. She just tossed them in the trash. Of course, she was always maxed out on every card she owned, so she didn't want to be reminded of the damage she was doing. I eventually got to the point where I said I wasn't going to pay off her credit cards anymore. She left.

 

Don't let the door hit you in the butt, dearie.

 

Grey