newly registered member with security question....

Hi,
I just registered with the heartland forum and signed in, and the very first thing that popped up was a warning box saying that the site has accidentally shared 23 of my passwords and that i should "check it"...... i dont know how to check it other than logging out and resiging in, which i did... and it works.... but im not sure about all the other passwords that i have..
how could the site share my other passwords?.... I can understand how it may have a breach during the registeration process, but ONLY for the password i used for registering wit.... isnt there better security for people who are registering for the first time?...

I hope its not true that my passwords were shared, but at the very leaset you may want to see if there is a bug in the system that is phishing for our information.... thanks

Hi centerline,

Welcome to the Heartland Owners Forum.

This is the first time in 10 years that I've seen a post like this. I"ll report the post so our technical moderator can evaluate it.

Might take a closer look at that warning. Hackers and spammers are real creative with their “warnings.” Most are designed to look like they’re legitimate and tell you to click on a link to “fix” the problem. Never do that!!


Sent from my iPhone using Tapatalk

danemayer said:

Hi centerline,

Welcome to the Heartland Owners Forum.

This is the first time in 10 years that I've seen a post like this. I"ll report the post so our technical moderator can evaluate it.

Click to expand...

May I also suggest to have tech dept run the OP's IP Address for "Akismet Matching", and also any other users sharing that same IP. As mentioned above, spammers are very resourceful nowadays.

My sense of this is that the OPs browser may be compromised and this is some sort of a phishing scheme. We will have our web dev look into this to make sure we're solid on our end and if not, to shore it up and report back.

I have gotten the same sort of warning within Google Chrome Settings stating that 14 or more passwords have been compromised due to an unspecified data breach on some server. I have started using a random strong password generator, and am also considering using a random username generator. This has caused me to have to store those random usernames and passwords in a file somewhere secure. This warning also seems to pop up as I am adding new usernames and passwords on a new (to me) website. Deleting the old stuff can be almost impossible - old websites I haven't used in over a year on the compromised passwords list won't let me in because I haven't used them in a long time.

I have discovered that I need to always check the sender and if the letters are a bunch of gobbley goog it is a lso use duck duck go for my server.