Did I get that unlucky and get assigned a bad IP?
Its mobile data btw.
And I don’t wanna point fingers and blame Proton, but like… c’mon,
First of all, its a real IP address,
Second, even if it were a VPN, so what, your company literally runs a VPN lol, kinda ironic.
And its also a paid account, and I rarely (almost never) send outgoing emails.
But again, this is just a small annoyance, I generated a new password in Keepass and its seems fixed.
It’s more likely the result of automated login attempts because your email is on a leaked list and they forced a password reset on you to protect your account.
Damn if that’s the case, my paranoia is gonna go overdrive.
Btw, has anyone here actually got hacked? I feel like the media always overexaggerates “hacking” and its mostly people just using weak passwords (user error), not really hacking.
I did have my debit card details stolen a few years ago. The first I knew about it was a text message from my bank telling me they’ve frozen my account and I need to call the phone number printed on the back of my card ASAP. Spoke to a chap in the fraud department, we went through a list of recent transactions, flagged two charity donations I didn’t recognise (apparently that’s a common way for fraudsters to figure out whether your card is valid), and the bank gave me a new account, new card, new everything.
(incidentally, your bank never needs you to move your money to a “safe” account, they already have your money, they do that for you)
If you need to cross a chasm, and someone rolls a boulder in that lets you get across, are you going to go into all the ways that it wasn’t really a bridge?
Hacking is about making stuff do things outside is intended purpose. There are no prescriptions on how; hacking doesn’t gatekeep. If it works, it’s a hack. Convincing sometime to open the door for you is social engineering, for example.
So, if someone uses/reuses weak passwords, it’s fair to say that’s an easy hack, but it’s still a hack.
Ticketmaster database with credit card information got hacked years ago. I got an email confirming it and got a credit card transaction for about 1000 euros. Got a bit to explain and convince the credit card company, but they reversed it and blocked the card.
As for your case, just use very strong and unique passwords in a password manager like KeePass and you’ll be fine. It won’t hurt to rotate your password now, though.
You can check on https://haveibeenpwned.com/
It’s more likely to be that they found out your login credentials, yes.
They might find a site with crappy security where they can try many usernames and passwords without getting blocked or they might actually hack the site and get the password list.
Having a strong password, not reusing passwords and enabling MFA goes a long way towards protecting against those scenarios.
Lots of people have, usually it’s because they downloaded a cracked application that trojan-horsed a virus onto their system, or they installed a bad browser extension. Once on the system, the malware goes nuts spreading to other systems on their network, using keyloggers to grab passwords, etc.