A day after remote desktop service GoToMyPc accounts were hacked, online backup
service Carbonite has suffered the same fate. Carbonite has, therefore, issued
a warning that hackers are attempting to break into its users accounts, and are
prompting all users to change their passwords.
“As part of our ongoing security monitoring, we recently became aware of
unauthorized attempts to access a number of Carbonite accounts. This activity
appears to be the result of a third party attacker using compromised email
addresses and passwords obtained from other companies that were previously
attacked. The attackers then tried to use the stolen information to access
Carbonite accounts”, read the statement issued by the online service.
The company claims its own systems haven’t been compromised.
“Based on our security reviews, there is no evidence to suggest that
Carbonite has been hacked or compromised”.
“While we will continue to monitor and investigate the matter, we have
determined that usernames and passwords are involved. Additionally, for some
accounts, other personal information may have been exposed.”
Carbonite hasn’t yet imposed two-factor authentication as a default, but it
does “strongly encourage” its customers to use 2FA.
Most Carbonite users should receive
an email from the company in the coming days, but they’ll be prompted to reset
their password as soon as they try to use the service anyway.
“Look for an email from Carbonite with instructions for resetting your
password. We highly recommend all customers use “strong” unique passwords for
Carbonite and all online accounts. Learn more about strong passwords at www.carbonite.com/safety.
If you use the same or similar passwords on other online services, we recommend
that you set new passwords on those accounts as well”, the company added in the