but it happened a few days/weeks after your blog post
better safe than sorry, I think I'll install bitwarden and change all my passwords :)
reosarevok
I'm pretty sure we're not leaking passwords, even if we were we have them pretty well hashed IIRC
ruaok
Lotheric: I sent mail to the three mb devs and asked them to take another look.
yvanzo
Yes, there is no chance that MB website could possibly leak the password.
reosarevok
I'd suspect something else here, but we can look around just in case. No idea about the safety of the wiki, that's a standard mediawiki install I think but I haven't touched it
kepstin
doesn't sound like any password leak, yeah, otherwise they wouldn't have bothered to try to reset your password. but still using a password manager to generate and save unique passwords per service is always a good idea
Lotheric
my netflix password isn't the same though, otherwise he'd be in :)
I changed it again anyway
reosarevok
I've gotten one of those old password "totes going to malware you" emails too at some point
But then, I knew that pass was pwned
Lotheric
might not be because of the MB leak
Oh no — pwned!
Pwned in 9 data breaches and found 1 paste
it's not my first rodeo
hehe
kepstin
yeah, probably the person sending that email just found the paste and decided to spam everyone in it in hopes they'd get lucky
Lotheric
he's definitely phishing because he says he got pictures from my webcam and my contacts info from facebook and messanger
kepstin
just someone with an old/useless list of passwords hoping that they can extract some value out of it.
Lotheric
I do not use facebook nor do I have a webcam
lol
kepstin
i'm kind of surprised you even saw the email, those usually get caught by spam filters
(since it's generally a template sent out to a big list of people)
Lotheric
it went to spam in gmail
it caught my eye becuase the subject was my password
