I received an automatically generated email that read,
Dear Madison,
Your account on Chief Delphi has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.
The person trying to log into your account had the following IP address: 174.132.178.37
Did anyone else get anything like this? A whois search shows it belongs to theplanet.com, which appears to be a hosting company that doesn’t have a great track record regarding security.
I’m curious if this only affected me or if it was a problem on a larger scale.
I got this, too. My 15 min lock out just ended, so if this is a massive attempt at getting into accounts, we should see a lot of folks signing on shortly after getting that email.
A bit of reading suggests that theplanet.com isn’t interested in making it stop. I’ve reported this thread so Brandon et. al. will see it. If it becomes a bigger problem, they can block that IP range from using the site.
That same address has been involved in suspicious logon attempts on many forums today. Reverse DNS strongly suggests that it is a static address. However, it has been identified as being a TOR exit node. That means the actual attack is from someone being safely anonymous, and who could change their anonymizing route whenever they want.
If you use the same user id and password for some accounts, like the same with CD and with an email account, after this attack I would encourage you to change the other account as well. I had the same user id and password for CD and for my gmail account. This evening my gmail account was also hacked. Fortunately I only use the gmail account for causal use, and use that account for signing up to websites, etc… Gmail blocked all the spam messages that they tried to send from my account, and then shut the account down until I could reset the password.
So, if you got the message from CD, assume that they got your user name and password and will attempt to use that to get into other accounts.
Honestly if you got the message, changing your password wouldn’t do an ounce of good. They didn’t successfully crack your account, so what would changing your password accomplish?
I mean, it’s not a bad idea, but it’s kind of like telling people to always scrub behind their ears when they have an exam coming up - the activity is beneficial but unrelated.
For an activity that is beneficial, try using LastPass as a password locker. That way you can use different AND complex passwords on various sites. If they hack one, then that’s all they get.
