I got an e-mail saying someone from a strange location had accessed my account. After mentioning it on NeoGAF there are already about 20 others have said the same thing. You only get that e-mail AFTER they successfully log in with the correct password too so it seems like a ton, if not all, passwords and accounts have been leaked. No official word yet but too many people to be a coincidence.
HumbleBundle has been hacked. Change your password.
Seems a bit suspect, but I'm not sure if the sample size is large enough to verify a large scale compromise of their data.
That being said, you should activate two-factor authentication on Humble Bundle if you've not already done so. It should help keep your account secure even if your password is compromised.
I'd be willing to bet that a lot of those are due to reused passwords that were picked up in other hacks (that's been the go-to for these things lately). That said, things like this are why I have a password manager. Password gets found, and the account's sporting a new one with a couple of clicks.
Well, whether it's a full blown hack or some remnants of old passwords being stolen, might as well stay on the safe side I suppose. Kudos for the heads up. My passwords consist of me slamming my keyboard against a wall and using the chaos as my new password, so I never memorize them so I never feel bad about changing them.
I tried to access my account and my password wouldn't work, but I doubt my account was hacked. Most likely the password got mixed up at some point (I used lastpass for awhile and recently migrated to KeePass. I vaguely remember lastpass trying to autochange passwords and failing on some accounts. Humble bundle could have been one of them).
I never got an email about a weird place trying to access my account until today... Which only happened because I moved 2 years ago and it's been awhile since I accessed my account. Either way I changed it and unlinked my steam account for good measure. I will continue to not use humble bundle.
Please Log In to post.