Password disclosure? — TomTom Community

Password disclosure?

zyborddzybordd Posts: 1 [New Traveler]
Forgive me if I'm not posting in the right area--I'm new on this forum. Let me start by saying I *DON'T* think that TomTom is the problem here. Having said that, a little background...

Back when I was a naïve Internet user, I tended to use the same username and password everywhere I went. What's worse, my standard password was pretty weak. I set up a TomTom account back in those days (about 10 years ago). Not too long after that, my TomTom device broke and I haven't even thought about this site or my account here for years and years.

Since that time, I've mended my ways and updated all my passwords to be longer, stronger and unique for each site, the way you are supposed to. Today I got an SPAM email addressed to my old email account (old username) and the body started off with "I know _____ is your password." and there was my old password I used to use all over the place.

I checked out my sites/passwords list and TomTom was the only one that was still using my old username and password. I see 3 distinct possibilities here:
1) This username and password were harvested in a (somewhat) recent attack. Since TomTom is the only account I have that was still using that combination, the attacker must have gotten it from TomTom.
2) There's another site out there that has my old credentials that I've long forgotten about
3) This information was harvested from an attack from years ago and could be from any number of sites

The email itself is a blackmail saying that if I do not pay them some BitCoin, they will send some incriminating video they supposedly captured from my (non-existent) webcam while I was allegedly visiting a porn site (that I've never been to) to all my contacts.

The purpose of this post is to ping other TomTom users to see if anyone else has gotten such an email. If others of you have gotten similar emails that include your TomTom password, then TomTom may have a security problem they need to resolve. If it's just me (and I'm guessing it is), then it must be one of the other 2 possibilities. If you have gotten something similar and your TomTom password is part of the email, please let us know so TomTom security can address any potential problems.
Tagged:

Answers

  • dhndhn Posts: 33,309
    Superusers
    @zybordd

    Go to this site.....

    https://haveibeenpwned.com/

    Might prove to be interesting.
  • John-JayJohn-Jay Posts: 684 [Revered Pioneer]
    Hi, @zybordd ,
    "The email itself is a blackmail saying that if I do not pay them some BitCoin, they will send some incriminating video they supposedly captured from my (non-existent) webcam while I was allegedly visiting a porn site (that I've never been to) to all my contacts."

    Yes, I've had lots of those (also citing that they have hacked my non-existent Camera) - some will quote a Password, whilst others will not (strangely, whenever they state that they have my password, it is NEVER a Password that I've ever used!!

    They usually tell me that they have hacked my Email Account & are sending it direct from my own PC - strange that the Email NEVER originates from my own IP Address.

    Personally, since most people's Email Address has been hacked at some stage (particularly if, like yourself, you have had it for some time) & these Scammers are simply trying to use an old Hacking List.

    Hence, I would be surprised if the source was from TomTom & I strongly suspect your "item 3" is probably nearest to the truth!
Sign In or Register to comment.

Who's Online in this Category0