Bundle Stars Targeted as Compromised Passwords Re-Used
It's often said that you should treat your passwords like a toothbrush: change them regularly and don't share them with anyone. We try to go one step further and treat them like a collection of toothbrushes with a different brush for each room of the house so as not to cross-contaminate when brushing our teeth in different locations. Actually, we may have extended this analogy a little more than was necessary...
So, yes, passwords. They protect so much of our content online, yet time and time again we see people caught out by re-using passwords in multiple places. The latest victim of hackers attempting to gain access they're not supposed to have is Bundle Stars, who this week issued a communication asking its users to change their passwords. The reason isn't that their own database was compromised, but that people have been using the same password on Bundle Stars as on other sites which have been compromised.
The company stated:
"We have noticed attempts to access Bundle Stars customer accounts by entering, what we believe to be, stolen email address and password combinations, so we have taken the precaution of resetting all user passwords across the website. Customers' financial information, such as PayPal, credit or debit card details is not stored on the Bundle Stars website, so has NOT been compromised and is not at risk.
We have reason to believe that a number of customer accounts may have been accessed without the permission of the account holder. We think it is likely that an individual or individuals obtained, from the public domain, a list of compromised accounts which have been stolen from other websites. [...] If your previous email and password combination was unique to Bundle Stars, then your account will not have been affected."

Does This Mean that Bundle Stars Weren't Keeping my Info Safe?
No, quite the contrary. Their system wasn't actually compromised, but they spotted that there were repeated attempts to log in from the same locations using lots of different email addresses. What this usually means is that a criminal has obtained a list of users' passwords for other sites and is trying to log in on Bundle Stars with the addresses on this list. If a person on the list has an account there and uses the same password, the criminal will be able to get in. Because so many of us use the same password for multiple sites, this method is likely to result in some degree of success.
Bundle Stars, however, were onto this, and when they spotted the suspicious activity they immediately responded by logging everyone out and instigating "captcha" techniques to ensure that only real humans could get through and not automated programs trying to steal data. They've also reset everyone's password, meaning that all users now have to change their password. This might be a bit frustrating, but it does mean that those stolen passwords are now worthless.
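The signal described above (one source trying lots of different email addresses, mostly without success) can be written as a simple detection rule over login events. This is an added example, not Bundle Stars' own code: the event format, the thresholds and the function name are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, source IP, email, login succeeded).
# IPs are RFC 5737 documentation addresses; nothing here comes from the incident.
SAMPLE_EVENTS = (
    # One source cycling through six accounts in six minutes, with one hit.
    [(f"2024-01-01T10:0{i}:00", "203.0.113.7", f"user{i}@example.com", i == 3)
     for i in range(6)]
    # A real user mistyping their own password twice, then getting in.
    + [(f"2024-01-01T10:0{i}:10", "198.51.100.20", "alice@example.com", i == 2)
       for i in range(3)]
    # An office NAT: several different accounts, all logging in successfully.
    + [(f"2024-01-01T10:0{i}:30", "192.0.2.50", f"staff{i}@example.com", True)
       for i in range(5)]
)

def flag_stuffing_sources(events, window=timedelta(minutes=10),
                          min_accounts=5, min_fail_ratio=0.8):
    """Return {ip: {"accounts": n, "hits": [emails]}} for suspicious sources.

    Thresholds are illustrative assumptions, not values from the article.
    """
    by_ip = defaultdict(list)
    for ts, ip, email, ok in events:
        by_ip[ip].append((datetime.fromisoformat(ts), email.lower(), ok))

    flagged = {}
    for ip, attempts in by_ip.items():
        attempts.sort()
        start = 0
        for end in range(len(attempts)):
            # Slide the window start forward until it spans at most `window`.
            while attempts[end][0] - attempts[start][0] > window:
                start += 1
            win = attempts[start:end + 1]
            accounts = {email for _, email, _ in win}
            failures = sum(1 for _, _, ok in win if not ok)
            if (len(accounts) >= min_accounts
                    and failures / len(win) >= min_fail_ratio
                    and len(accounts) > flagged.get(ip, {}).get("accounts", 0)):
                # Successful logins from a flagged source are the accounts
                # to lock and reset first.
                hits = sorted(email for _, email, ok in win if ok)
                flagged[ip] = {"accounts": len(accounts), "hits": hits}
    return flagged

if __name__ == "__main__":
    print(flag_stuffing_sources(SAMPLE_EVENTS))
```

The failure-ratio condition is what keeps the shared office address out of the result even though five different accounts log in from it.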
So How Can I Keep Myself Safe?
Set yourself a good password and keep it safe and secure. Ideally, each site that you use should have a different password and it should be something relatively complex. It's worth considering using password manager software such as LastPass or Dashlane; that way you only have to remember a single password to protect all of your accounts with unique passwords.




