Totally, absolutely awesome. Steal their backups, hit them with a targeted attack while simultaneously burning their backups to the ground.
If you're a user of online backup service Carbonite, you're getting a new password. Don't make it one you've used somewhere before. Carbonite has released a statement telling users it's run a system-wide password reset in the face of a password-reuse attack. The company claims its own systems haven't been compromised, but if …
Wednesday 22nd June 2016 05:33 GMT Anonymous Coward
The company claims its own systems haven't been compromised, but if a user ID/password combination was in a list from another large breach, the account would have been popped.
Hack attempts and large breaches happen every day somewhere in the world, so why are Carbonite especially concerned in this case?
The only thing that makes sense is that the referenced 'large breach' of someone else's server did reveal Carbonite usernames/passwords.
Wednesday 22nd June 2016 08:59 GMT Mark Allen
It's all about the patterns. Clearly Carbonite were seeing multiple logins from a new range of IP Addresses. I'd assume that Carbonite keeps track of IP Addresses where the software is running. So if lots of accounts login from new IP Addresses - that would cause an alert. And if those addresses all come the same range - it has clearly trigged a full reset response.
It shows the place it run by Engineers and not Marketing people.