June 24, 2016 by

Cloud Backup Firm Carbonite Issues Mandatory Password Reset for 1.5 Million Customers

Carbonite, an online cloud backup firm is forcing all of its users, totaling to some 1.5 million, to reset their passwords after detecting some user accounts being targeted in a password reuse attack.

Carbonite has revealed that hackers were attempting to break into user accounts using passwords from a spate of recent leaks from breaches such as those affecting LinkedIn, TeamViewer, Tumblr and more.

For some accounts, personal information “may” have been compromised and exposed, Carbonite stated in its blog .

The forced password reset is also falling in line with other companies and websites issuing the same mandate for its users, including the likes of TeamViewer, iMesh and Twitter.

Deemed a “password reuse attack”, opportunistic malicious hackers and cybercrooks tend to comb databases leaked from breaches, attempting to use leaked user credentials on other websites such as Carbonite, even though the latter’s security infrastructure is intact. These incidents are precisely why security experts insist that users do not reuse the same passwords on different websites.

“Based on our security reviews, there is no evidence to suggest that Carbonite has been hacked or compromised,” the cloud backup service added.

Affected customers include Mac and Windows Carbonite Personal users, as well as Carbonite Pro customers, in addition to MailStore and Carbonite Server Backup users.

A statement on its blog post read:

To ensure the protection of all our customers and the safety of their data, we are requiring all Carbonite customers to reset their login information. All Carbonite users will receive an email with instructions to reset their passwords.

Meanwhile, the firm is urging users to check for the originating email address of the password reset in an effort to dissuade their customers from falling pretty to phishing emails.

Carbonite users are urged to ensure that the password reset email is coming in from carbonite[@]cloud.carbonite.com.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Nearly 50% of Americans Change Passwords Post 2016 Elections Hack

 A poll has shown that a significant number of American are making changes to their online habits...

Read more arrow_forward

Most Common Passwords Found In Data Breaches

Creating a strong password is one of the fundamental ways to keep your account safe.  A strong...

Read more arrow_forward

Yahoo Data Breach Compromises Half a Billion User Accounts

Yahoo has finally confirmed the results of its investigation of a data breach and it does not make...

Read more arrow_forward