_______ __ _______
| | |.---.-..----.| |--..-----..----. | | |.-----..--.--.--..-----.
| || _ || __|| < | -__|| _| | || -__|| | | ||__ --|
|___|___||___._||____||__|__||_____||__| |__|____||_____||________||_____|
on Gopher (inofficial)
HTML Visit Hacker News on the Web
COMMENT PAGE FOR:
HTML SoundCloud confirms breach after member data stolen, VPN access disrupted
elashri wrote 10 hours 15 min ago:
What is the relation between blocking VPN and data breach? why would
this be a reasonable response? Is it to prevent mass login attempts
using VPNs to mark origin or what?
PunchyHamster wrote 10 hours 5 min ago:
I'd imagine knee-jerk reaction when they noticed hacking and just
started to blanket ban IP ranges to access their entire
infrastructure
password-app wrote 11 hours 14 min ago:
SoundCloud users should rotate passwords immediately, especially if
reused elsewhere.
The VPN access disruption suggests the breach may be deeper than
initially disclosed. If you used the same password on banking, email,
or other sensitive accounts, change those first.
For anyone managing 50+ accounts: automated password rotation tools
exist now that can handle the tedious clicking through each site. Saves
hours vs manual changes.
The Password App does this on macOS - full disclosure, I'm affiliated,
but the general advice stands: don't wait for breach notifications to
rotate credentials.
nstart wrote 7 hours 50 min ago:
Curious... Why does VPN access disruption suggest the breach may be
deeper than initially disclosed?
My understanding is that this prevents anonymous access to servers
which would help during investigation if any further unauthorized
access showed up. But it doesn't confirm that unauthorized access
continued. Just curious how you are thinking about this though.
Brajeshwar wrote 10 hours 27 min ago:
Please say more about the Password Rotation. Where, how, which?
baobun wrote 3 hours 54 min ago:
You are replying to submarine marketing.
nguyenkien wrote 10 hours 11 min ago:
Go change your password. And do it for every website you reuse that
password.
Brajeshwar wrote 9 hours 48 min ago:
The keyword was, âautomated password rotation tools.â
zdragnar wrote 8 hours 37 min ago:
Your question didn't include the words automated or tools, and
your incomplete "where, how, which" was ambiguous enough to
apply to the idea of password rotation generally rather than
the tool's interactions with them.
thenthenthen wrote 10 hours 31 min ago:
What is âThe Password Appâ? As in the built in âPasswordsâ
app?
eterm wrote 11 hours 58 min ago:
My SoundCloud account seems to predate my use of 1password and I didn't
seem to migrate it.
Uh oh.
I hope they have a nice GDPR compliant deletion policy and my account
is long gone.
WelcomeShorty wrote 6 hours 59 min ago:
Just checked and my account was created (and last used) in 2013...
So at least they get some old accounts to become active again :D
owlninja wrote 12 hours 46 min ago:
The HN post from earlier when the VPN ban speculation started:
HTML [1]: https://news.ycombinator.com/item?id=46269891
DIR <- back to front page