Pelican has a Data Breach
 

what's going on?



http://forums.pelicanparts.com/uploa...1578265877.jpg

Don't use the Gulag browser?

Oh. Too late.
http://forums.pelicanparts.com/uploa...1578266385.jpg

If my posts start making sense, with proper grammar and speeling.....

I've been hacked :)

Send me your credit card information, username and password and I'll check to make sure you're information is secure. :D

(speelcheck working as always.)
I for one welcome our robot overlords.

What's going on ? You're using Chrome.

If I start posting in PARF, my account has been hacked. Otherwise, no big deal to me.

We haven't seen or heard of anything on our end. All is secure and safe.

I get an email every so often from them but have blown them off for now. Might need to look into it....

All good ?

Nope - chrome still reports a data breach.

Earlier, I supplied the link explaining the situation.

https://security.googleblog.com/2019/12/better-password-protections-in-chrome.html

Dec 10, 2019


Today, we announced better password protections in Chrome, gradually rolling out with release M79. Here are the details of how they work.

Warnings about compromised passwords
Google first introduced password breach warnings as a Password Checkup extension early this year. It compares passwords and usernames against over 4 billion credentials that Google knows to have been compromised. You can read more about it here. In October, Google built the Password Checkup feature into the Google Account, making it available from passwords.google.com.
Chrome’s integration is a natural next step to ensure we protect even more users as they browse the web. Here is how it works:

Whenever Google discovers a username and password exposed by another company’s data breach, we store a hashed and encrypted copy of the data on our servers with a secret key known only to Google.

When you sign in to a website, Chrome will send a hashed copy of your username and password to Google encrypted with a secret key only known to Chrome. No one, including Google, is able to derive your username or password from this encrypted copy.

In order to determine if your username and password appears in any breach, we use a technique called private set intersection with blinding that involves multiple layers of encryption. This allows us to compare your encrypted username and password with all of the encrypted breached usernames and passwords, without revealing your username and password, or revealing any information about any other users’ usernames and passwords. In order to make this computation more efficient, Chrome sends a 3-byte SHA256 hash prefix of your username to reduce the scale of the data joined from 4 billion records down to 250 records, while still ensuring your username remains anonymous.
Only you discover if your username and password have been compromised. If they have been compromised, Chrome will tell you, and we strongly encourage you to change your password.

Chrome is the problem ?
It's amazing how clueless some people are.

The Chrome warning means that your username and password combination is on a publicly available hacked accounts list.
It has nothing to do with Chrome.

Chrome is not the problem. Chrome is checking against 4 billion sets of data that has been accumulated over a long period of time.

When I checked my 3 email accounts on the link that Widebody supplied I find that two have been compromised. And the two that are compromised haven't been used in over 3 years and never used for Pelican. They are still available but never used. My gmail account shows to be clean.

Webb, the article clearly states that they have been rolling out the security check. Your account may have been compromised in the past and is only now being picked up because of the new system check Chrome is activating.

Pelican doesn't have a data breach.

Your problem is with Chrome. Here .... have a fun read
Let Me Google That

and beware of those porn sites !!!

It means that your Pelican login is a breached login.
Change your password if you don't want someone to be able to log in as you.

Error message didn't say pelican, just saved password.

I don't let browser save login info. Not sure if that's better or not.

I didn't think "secret" wuz secure enough so I added a single digit to the end of it...

I'm good now :D

Pelicans password database has a data breach - that help you?

Webb, the problem, wherever it originated, could have happened two years ago. Chrome just started the verification and notification system. I gave you the link. I posted the info from the link. Do a search and you can find link after link with people having the same problem as you.

No problem here either !
http://forums.pelicanparts.com/uploa...1578873125.jpg

that message simply indicates that the password you use for pelican
most likely got used on other sites

Somewhere "a site" got breached and now that that combination of login/email and that password is known..

Google found out bout that breach and that combination was found in that breach, and will now throw that warning on any site that has this combination of credentials... (in the google password store).

It does not mean Pelican has had a data breach

No. I used a unique password on Pelican.

Read the thread.

It's a Chrome ****up.

Save your breath. He has his mind made up that it is a Pelican breach even though he has no evidence.

I am surprised the thread hasn't been closed or deleted. He is making unfounded allegations against Pelican that can cause them harm.

I am surprised you haven't been closed or deleted

Read the thread - again.