How'd my passwords change?
October 22, 2010 5:25 AM   Subscribe

I woke up today and both my Gmail account and Yahoo account have had their passwords changed. What the hell happened? Only thing I can think of is that it came through my phone-- I have an rooted Android LG Ally,(with google services) and I had a Yahoo Fantasy Football app installed.

I don't use yahoo e-mail, but my life is more or less literally in my Google account. I'm worried. What happened?
posted by sandmanwv to Computers & Internet (8 answers total) 1 user marked this as a favorite
Response by poster: FYI, I looked at google account and found someone had logged in from Canada after I had gone into bed. I have an IP. Can I do anything with that?
posted by sandmanwv at 5:29 AM on October 22, 2010

Where the passwords "secure", as in were they long and including numbers and symbols (h£llopw098!?) rather than easily cracked (hellopassword)?

If one of the passwords was easily crackable, they may have then reset the other password if it is linked to the other email account (e.g. a Password Reset email from the Gmail account goes to the Yahoo account).
posted by EndsOfInvention at 5:29 AM on October 22, 2010

The Google help page about what to do if your account is compromised is here.
posted by EndsOfInvention at 5:31 AM on October 22, 2010

Change every password on every account you have associated with those two email addresses, ASAP. Especially itunes, banking, xbox live, etc.
posted by empath at 5:43 AM on October 22, 2010 [1 favorite]

And Check your Gmail filters to make sure no custom forwards have been added!
posted by HFSH at 6:08 AM on October 22, 2010 [2 favorites]

And do all this from a different computer, in case there is a keylogger installed on yours.
posted by mikepop at 6:11 AM on October 22, 2010

Hard guessing how your accounts were compromised. Are you signed up for membership on any web sites using the same password that you use for your GMail account? You might be surprised how cavalier a lot of web app designers are with password information. Anyway, if the answer is yes it's possible that someone with access to that database was able to see your email address and password and guessed that the combo would work to log in to your GMail account.

Once you have access to your GMail account again, you can step through the Gmail security checklist to help make sure everything is as it should be.

If you haven't done it already, I highly recommend tying your GMail account to your mobile phone number so you can recover your password by text in case of emergency.
posted by trunk muffins at 6:16 AM on October 22, 2010 [1 favorite]

This has happened to several people I know and I think almost every one of them was due to a phishing scheme that looked like Facebook. Were you using your computer before you went to bed that night? Might take a look through your internet history and see if there's anything suspicious in there.

Did you have any credit card numbers, bank account numbers, etc. stored in your Gmail? Social security number? If you did, you might want to consider setting up credit monitoring with the major bureaus for a couple of months.
posted by crosbyh at 2:52 PM on October 22, 2010

« Older “Never give a sword to a man who can't dance.”   |   Windows 7 behaves in mysterious ways Newer »
This thread is closed to new comments.