Data breaches and password managers discussion

[kalph09]

boAt loses data of 7.5 million customers after being Hit with massive data breach​

Customer data for over 7.5 million boAt customers has appeared on the dark web. Personally identifiable information (PII)—like name, address, contact number, email ID, customer ID and more—is available for purchase. The threat actor has leaked around 2GB of data on the forum.

Hit With Massive Data Breach, BoAt Loses Data Of 7.5 Million Customers - Forbes India

The audio and wearables brand lost around 2GB of data on the dark web forum. Personally identifiable information like name, address and contact number is available for purchase

www.forbesindia.com

Lot of these upstart don't invest a penny on information security else there won't be any money on degenerate brand ambassador and youtubers.

Edit: This happened a month ago. Other than some tweets and news articles. They have successfully swept this under the rug.

 

[Kaleen Bhaiya]

If only India had data protection laws on equal terms like GDPR.
Then I tell myself. Whom am I kidding!! We have laws to implement the laws. But how do we actually implement the laws.

 

[Clayfire]

For obvious reasons I will not be sharing scam links, if you're so inclined google will help you find them.

Fairly obvious spelling mistake. Fake sites rarely have the correct address.

 

[n1r0]

Fairly obvious spelling mistake. Fake sites rarely have the correct address.

If a fake site URL were spelt correctly, it would take you to the legit site...unless your DNS itself was compromised in which case even if the correct URL is typed, the site itself might be fake

 

[rootyme]

Cooler Master hit by data breach exposing customer information​

Computer hardware manufacturer Cooler Master has suffered a data breach after a threat actor breached the company's website and claimed to steal the Fanzone member information of 500,000 customers.

Cooler Master hit by data breach exposing customer information

Computer hardware manufacturer Cooler Master has suffered a data breach after a threat actor breached the company's website and claimed to steal the Fanzone member information of 500,000 customers.

www.bleepingcomputer.com

 

[altair21]

btw folks using bitwarden, just how much do yall trust it? like is it to the level of using it for Bank passwords etc? or is it just like use it for everything but for extremely critical stuff?

I have been thinking of getting their premium plan since it's cheap enough and migrate my passwords there

 

[nRiTeCh]

btw folks using bitwarden, just how much do yall trust it? like is it to the level of using it for Bank passwords etc? or is it just like use it for everything but for extremely critical stuff?

I have been thinking of getting their premium plan since it's cheap enough and migrate my passwords there

Trust nothing but your gut feeling. Many use bitwarden, lastpass and others for storing everything but the moment you hear about leak dumps and data breaches, just change the passwords asap.

 

[rootyme]

btw folks using bitwarden, just how much do yall trust it? like is it to the level of using it for Bank passwords etc? or is it just like use it for everything but for extremely critical stuff?

I have been thinking of getting their premium plan since it's cheap enough and migrate my passwords there

No problems with that. It has proven to be extremely reliable.

Trust nothing but your gut feeling. Many use bitwarden, lastpass and others for storing everything but the moment you hear about leak dumps and data breaches, just change the passwords asap.

Banks force you to change your passwords, at least SBI does once every three months or so.

 

[altair21]

No problems with that. It has proven to be extremely reliable.

ah, so you are using it for critical stuff like banks too? right now I'm doing it my parents way, storing all pwds in a diary locked in a safe but wanted a better way to deal with it

 

[rootyme]

ah, so you are using it for critical stuff like banks too?

Have done it in the past but-

right now I'm doing it my parents way, storing all pwds in a diary

I am too lazy to regenerate and upate the passwords so often in the manager. So it's a diray for me as well.

locked in a safe

Looks like Captain Jack Sparrow is after it.

 

[nullpc]

like is it to the level of using it for Bank passwords etc?

If you believe in the value of their OSS projects and its quality, I don’t see why you need to doubt here.

I would use it if it weren’t for getting hooked to 1Password couple years back. Though, they have become increasingly worse in terms of quality so I might just move to Proton Pass or Bitwarden depending on how the experience is. But at least, no major security incidents which is giving me some relief so I hope they are at least focused on that front.

And yes I do store all my passwords in there, including banks and other personal info.

 

[nRiTeCh]

Banks force you to change your passwords, at least SBI does once every three months or so.

I'm referring to data breach password changes not the mandatory default banks expiry ones.

 

[altair21]

And yes I do store all my passwords in there, including banks and other personal info.

How are you paying for bitwarden? CC gets declined because they want a subscription payment

 

[nullpc]

How are you paying for bitwarden? CC gets declined because they want a subscription payment

I’m not, I’m paying for 1Password. Same issue happens when renewing yearly. I get a one-time payment link via their support. Maybe try that if you’re unable to purchase directly.

I used IDFC First WOW CC which is super reliable and is yet to fail me in any international txn scenario. Doesn’t yell at me (for better or worse).