That ai banner does not inspire trust at all :( The actual content reads well & they link other articles though. Weird.
Are we sure someone just didn’t ask Gemini for 48 million Gmail credentials and immediately get them?
I’m holding a grudge because I was arranging a Craiglist sale and when I sent the buyer my phone number to text my account was suddenly disabled for “unusual activity” signing me out of everything. I was able to re-enable it right away, but I’m pretty sure whatever AI-trash system is in place to monitor accounts did it.
Are we sure someone just didn’t ask Gemini for 48 million Gmail credentials and immediately get them?
It looks like they come from infostealers:
100k onlyfans can get spicy
It looks like they come from infostealers
I get it, it was Gemini, we can stop repeating ourselves
Shit, am I on the list?
I think the security researcher didn’t download the data.
But be sure to check out https://haveibeenpwned.com/ to check if your data is in other lists.
This is why we have MFA.
Hey want to play a game? Your bank is gonna text you a number, and I’m going to guess it. Tell me if my guesses need to be higher or lower.
This is why you never enable SMS based MFA. TOTP is well established and just works. If you need even more security FIDO2 devices like YubiKey are a thing.
It would be nice if that was a choice but SMS is unavoidable.
For the love of God, someone inform Citibank and Chase of this. My dinky little local credit union allows me to use TOTP, but Citi and Chase still only seem to support SMS.
Chase supports push notifications via their app now, so at least they’re moving forward toward something a bit more secure. But yes, I’m so pissed that so many banks use SMS when it’s known to be easily spoofed.
Requiring the use of their own app is only marginally better than not supporting it at all. I try to minimize the number of apps pn my phone, and banking apps are prime examples of a use case that can be completely fulfilled in a browser. Even if I used the app, I would prefer to be prompted for non-biomotric MFA each time I sign in anyway.
Yeah I can respect that, I have one bank where the only account I have there is a credit card now that I paid off my loan. Their app is terrible and half the time it doesn’t load on my home network because of all my ad and tracking blocking on my DNS server. I just want to check balances, you assholes. So yeah that one is strictly browser only for me.
hellnuh, that your own website you keep posting?
Yeah, address looks sus af
Check Op’s username and the community it mods, and you’ll know what I mean.
I seem to be missing some context. Now, after seeing another post with a link there, I know this probably is not some one-time scam site. But then, if you had the info that domain matches the name of their community, WDYM?
You asking me or OP, wdym?
It is, but it doesn’t seem nefarious. Just somebody trying to carve out a little corner to help individuals find some tools to get away from Google and such. Maybe they make money via some affiliate links, but is that a bad thing?
Brought to you by proton
Analysis indicates the data was aggregated over time from multiple sources, including malware infections, phishing campaigns, and older third-party breaches. There is no indication of a direct compromise of Google’s internal infrastructure.
Everything is vulnerable to that, including proton.
Start setting up passkeys where available, that is the safest and easiest way, I store mine on my selfhosted vaultwarden but you could use other ways. As long as the devices you use are secure, no passwd leaks, spoofing attempts or phishing can threaten you.
