MOVEit vulnerability

CCleaner for Windows
21

it is my main Gmail address - which i also use for Google chat. IOWs it's not one I can switch to another one. would changing my password help or what else please? Any other advice?

5 hours ago, nukecad said: 
<div class="ipsQuote_contents">
	<p>
		The free offer is for those who have had the MOVEit breach email from CCleaner - if that includes you then you will get a further email about getiing/installing the offer.
	</p>

	<p>
		The free offer is not just for anyone who happens to have been pwned in some other, unrelated, breach.
	</p>

	<p>
		Note that Avast BreachGuard will not prevent you being pwned in a data breach, nothing you can install on your devices could do that.


		What it does is check the web to tell you if your details subsequently appear of a list <strong><em>after</em> </strong>you have been pwned.


		In other words it can only tell you after it's already happened.
	</p>

	<p>
		 
	</p>

	<p>
		TBH I don't need something to tell me that,


		Data Breaches are a fact of life these days and so I just assume that it has happened to some of my data at sometime, act accordingly, and check havibeenpwned regularly.


		You have now checked and found that some of yours has been breached 3 different times now, and no doubt will be again at sometime.
	</p>

	<p>
		When (not if) you find something of yours has been pwned then you change it or abandon it and move on.


		If it's an email address and you can't abandon it, or don't want to, then you be careful about what you recieve there because you know that it has been involved in a breach so some spammer/scammer/con artist may now have got hold of it.
	</p>
</div>

22

Using havibeenpwned is a good way to check if you email, or passwords, have been stolen in a data breach and shared - either from this breach of from one of the many, many, other data breaches that do happen. 

It's free to check at anytime that you want to check, here are the haveIbeenpwned links again:


<a href="https://haveibeenpwned.com/" ipsnoembed="true" rel="external nofollow" target="_blank">https://haveibeenpwned.com/</a>


<a href="https://haveibeenpwned.com/Passwords" ipsnoembed="true" rel="external nofollow" target="_blank">https://haveibeenpwned.com/Passwords</a>

If it's your password(s) that has been pwned - those are easily changed to prevent anyone using it to login to your accounts.

With a pwned email address then it's more a case of your knowing that it's now out there in public - so you may get more spam sent to it, and more sent to it begging for money or scams attempting to con you into something.

If you are going to be keeping that email address - because you don't have to abandon a pwned email address, 

But you do have to be more careful of anything you receive at that address - you should always be being careful anyway.

The other problem that you might face with a pwned email is someone pretending to be you to people on your contacts list by faking emails as being from you. 

Of course to do that they also have to have had access to your contacts list at some time.


Whilst it does happen it's not common, because they would have to have both your email address and your contacts list.

If you are keeping an email that you know has been pwned then you may want to inform your contacts who have that email address, so that they can be careful of any emails supposedly coming from it which might not be from you but may be fakes.

In the end having your email address pwned in a data breach is not that different from you yourself putting your email in open view where anyone can see it. (Which is why we edit them out of forum posts when we see someone do that).

You can even think of it as being similar to your postal (snail mail) address being put on mailing lists and shared, so that you get more advertising letters and 'please support/donate to ....' letters and leaflets sent to it through the post. 

Whilst we all accept that that happens with our postal addresses, we like it less when it happens with email addresses, simply because we tend to think of emails as being more private.


The answer in both cases is of course to spot which is the junk mail, ignore it and throw it away.


(Or change your address- that's much easier to do with an email address than moving house would be).

23

Dear nukecad,

You have the most detailed solutions about this topic, but about that e-mail check on that website you love, idk.

Strange thing is here that i check my main address on that site, and have a green light.

So how is it possible that some not important data from me is leaked on dark web? What data is leaked?

24

It does take time for data from breaches to be reported, and for it to turn up for sale.

So until/unless the companies affected tell them just what was taken (obviously companies don't like doing that), or until that data turns up for sale somewhere, it's not going to be listed in a check.

So you do have to check regularly.

That's what the Avast BreachGuard does, it checks regularly for you.

25

This attack happened in May but info is appearing about it now. Have a read of the article and you will see that ccleaner was just one of many attacked by MOVEit.

Quote 
<div class="ipsQuote_contents ipsClearfix" data-gramm="false">
	<p>
		The State of Maine has announced that its systems were breached after threat actors exploited a vulnerability in the MOVEit file transfer tool and accessed personal information of about 1.3 million, which is close to the state's entire population.
	</p>
</div>

https://www.bleepingcomputer.com/news/security/maine-govt-notifies-13-million-people-of-moveit-data-breach/