Gearbest usernames and passwords leaked online

Cienciano

This is on a few reddit subs, but if you use gearbest, change your password. 150 accounts, passwords and other account information was leaked online.

https://www.androidauthority.com/gearbest-email-password-hack-leak-breach-825005

https://www.reddit.com/r/Android/comments/7l7ug4/psa_gearbest_customer_details_including_passwords

Not sure where to post this, but it's a popular site with people here.

scudzilla

Cienciano wrote: »

This is on a few reddit subs, but if you use gearbest, change your password. 150 accounts, passwords and other account information was leaked online.

https://www.androidauthority.com/gearbest-email-password-hack-leak-breach-825005

psa_gearbest_customer_details_including_passwords

Not sure where to post this, but it's a popular site with people here.

With the people who run boards maybe, cos Gearbest pays, to most others they're a joke of a site

Cienciano

Was meant to say "online" in the title instead of only. Damn predictive text

But if you read the thread on it, gearbest do no seem to be treating it seriously. If you use the same password on gearbest for anything else it would be worth changing them too.

long_b

100% it's going to turn out to be many, many more than 150 accounts.
Probably the 150 accounts were thrown up on pastebin so potential buyers could check what they'll be getting in a bigger data dump.

Cienciano

Definitely doesn't fill you with confidence. I'm sure they'll email all their customers and warn them of the security breach :pac:

vicwatson

They haven’t yet anyway :eek:

Dixon

The 150 addresses have been loaded into https://haveibeenpwned.com/ if you want to check you're affected

Jurgen Klopp

scudzilla wrote: »

With the people who run boards maybe, cos Gearbest pays, to most others they're a joke of a site

Gearbest are like the dodgy Irish builders and boards are like Basil Fawlty except its payments as opposed to being cheap workers

rom

Jurgen Klopp wrote: »

Gearbest are like the dodgy Irish builders and boards are like Basil Fawlty except its payments as opposed to being cheap workers

nah most sites are this crappy

bryan06

I had my account used to purchase an expensive computer probably with a stolen Paypal account. I contacted them to get them to cancel the order and they said:

Your order is still pending payment so it will not be processed. Please consider it cancelled as long as you do not proceed with payment.

So they were still willing to go ahead with the order as long as the payment went through. What a scam of a website, its great that Boards get money for Gearbest to advertise there website and counterfeit goods to us!

myshirt

Dixon wrote: »

The 150 addresses have been loaded into https://haveibeenpwned.com/ if you want to check you're affected

Nice try

Kintarō Hattori

myshirt wrote: »

Nice try

Crap, I didn't look at how many posts that poster had..... I filled in my email address.

long_b

That site is fine, trusted and recommended all over the place for years.
Some people just don't post much

Kenjataimu

long_b wrote: »

That site is fine, trusted and recommended all over the place for years.
Some people just don't post much

Yeah it's a legit website.

https://haveibeenpwned.com/About

I'd recommend following that guy on twitter, it's a bit crazy how regular these hacks are happening.
https://mobile.twitter.com/troyhunt

GBX

One of my emails came up on that pwned site. I change passwords regularly and havent noticed anything out of the ordinary in bank or paypal statements.

rom

Best practice is 2 factor on anything that is important i.e. banking, email, google, linkedin ,paypal, facebook (not important but is used to login to a lot of other stuff).

My 2 primary gmail accounts were on that site on 7 separate listings! It will be a long day at work changing my password on every site I am registered with.

Boards.ie: Niamh

Just FYI I have asked Gearbest to update users in their own sponsored forum about this issue and if it has been rectified as soon as they can. However the rep hasn't been online for a couple of days so they may be taking a festive break. Thanks guys.

Gearbest reps are posting this on their facebook and various forums:

Dear Valued Customers,

We kindly bring your attention to the fact that some unidentified hackers gained large amounts of personal data from other websites and are trying to use this data to deceptively sign into Gearbest. Immediately after identifying this irregularity, we have frozen a few hundred affected accounts and updated our IT system for suspicious IPs. The situation is completely under control.

However, for your personal account security, we kindly recommend that you change your password if you feel that it is too simple (password with a combination of letters, numbers and symbols are considered to be more complex). At the same time, we also recommend that you do not use the same email address and password on different websites.

We will always be 100% committed to maintain our website as a safe and reliable place for your guaranteed shopping experience.

If you have any queries or may need any assistance, please contact our Support Team

Yours Sincerely

Their explanation is that the hack originates from other sites. I don't know how true/reliable that claim is.

Some users on reddit are saying the Gearbest mobile application was the source of the hack.

Don Kiddick

Boards.ie: Niamh wrote: »

Just FYI I have asked Gearbest to update users in their own sponsored forum about this issue and if it has been rectified as soon as they can. However the rep hasn't been online for a couple of days so they may be taking a festive break. Thanks guys.

It's China...

Caliden

Deleted User wrote: »

My 2 primary gmail accounts were on that site on 7 separate listings! It will be a long day at work changing my password on every site I am registered with.

I use a throwaway password on sites I don't give a fiddlers about. A different one for sites I do care about and then a separate password for my email accounts.

Of course google chrome stores all my passwords just in case on passwords.google.com

McMurphy

Deleted User wrote: »

Gearbest reps are posting this on their facebook and various forums:


Their explanation is that the hack originates from other sites. I don't know how true/reliable that claim is.

Some users on reddit are saying the Gearbest mobile application was the source of the hack.

Trojan

Just signed in with my password (unique from a password manager). If they were hacked they should have forced a reset across all users. I've set it to a new unique password - not that it will make much difference from the looks of their approach to security.

slave1

Kenjataimu wrote: »

Yeah it's a legit website.

https://haveibeenpwned.com/About

I'd recommend following that guy on twitter, it's a bit crazy how regular these hacks are happening.
https://mobile.twitter.com/troyhunt

Setup a brand new email address, went to that site and it was listed when I typed it in?
Legit me hole

Fr_Dougal

There will be 100k’s affected. Anyone with an account should change their password now.

long_b

slave1 wrote: »

Setup a brand new email address, went to that site and it was listed when I typed it in?
Legit me hole

I just tried a random Gmail one and it wasn't listed
Did you try a Yahoo account by any chance?

userfriendly

slave1 wrote: »

Setup a brand new email address, went to that site and it was listed when I typed it in?
Legit me hole

The creator Troy Hunt is renowned as an expert on data breaches and spoke at Congress in the US lately so yeah it's legit.

What email provider did you set up the account with? Some recycle usernames, as stupid as that seems

Dixon

slave1 wrote: »

Setup a brand new email address, went to that site and it was listed when I typed it in?
Legit me hole

It's legit and a good resource for breaches like this. The domain you set up the email address on may have been compromised

Snopes.com even links to it for breaches: https://www.snopes.com/2017/08/31/spambot-email-addresses/

I'm a good guy I swear

Dixon

Caliden wrote: »

I use a throwaway password on sites I don't give a fiddlers about. A different one for sites I do care about and then a separate password for my email accounts.

Of course google chrome stores all my passwords just in case on passwords.google.com

Good policy on varying your passwords but with this the concern is the linked name and addresses were also leaked which good password policy does not protect you against unfortunately

what could they do with your account in any case?
unless you store a credit card on it?

Suckit

There are more the 150 affected. I found a few dumps on Pastebin between 5 - 15 users per dump, I checked usernames in the list at random and was able to log in to every account i tried.
The dumps seem to have been happening since at least early November.

nava

glasso wrote: »

what could they do with your account in any case?
unless you store a credit card on it?

Most people have the same user name and password for other websites, so they can try to logon to other websites, if credit card is saved they will try to place orders.

CollyFlower

I have a heap of accounts with the same email address and password that I have with GearBest... Help?!

Kuva

CollyFlower wrote: »

I have a heap of accounts with the same email address and password that I have with GearBest... Help?!

No you don't

CollyFlower

Kuva wrote: »

No you don't

I do!... I'm signed up to loads of sites that I have the same PW and email, have been for years.

rustledjimmies

CollyFlower wrote: »

I have a heap of accounts with the same email address and password that I have with GearBest... Help?!

Help? As in, someone else do what you couldn't be bothered to?

No one can help you now but yourself (always was only you that could). Off you go now and start changing your passwords like derekeire:

Deleted User wrote: »

My 2 primary gmail accounts were on that site on 7 separate listings! It will be a long day at work changing my password on every site I am registered with.

CollyFlower

Can the hackers get card details? I've been trying to change details on AliExpress and there is no option to change, I go to 'my account' but there's no option to change the password or email, even on the desktop site.

CollyFlower

rustledjimmies wrote: »

Help? As in, someone else do what you couldn't be bothered to?:

No, I don't except someone else to do that, jezz! Just panicking and looking for advice.

degsie

Don't see the BA here, has the hacked info been reduced in price?

Suckit

CollyFlower wrote: »

I do!... I'm signed up to loads of sites that I have the same PW and email, have been for years.

I do not use one, but you may want to try a password manager
https://www.pcmag.com/article2/0,2817,2407168,00.asp

I do not know how much i would trust them, but they seem to be proven reliable and they may help you change all site passwords individually, much quicker than it would take you otherwise.
Although you will still have to login to all the sites.

BTW some of those programs are often free on sites like sharewareonsale and giveawayoftheday.
(Coincidentally Staganos is free at the moment - but i have no idea if it is any good).
https://www.google.com/search?source=hp&ei=x749WpnxKsrWjwS3jLjwCw&q=is+it+safe+to+use+a+password+manager&oq=is+it+safe+to+use+a+password+manager&gs_l=psy-ab.3..0j0i22i30k1.1087.1087.0.1919.1.1.0.0.0.0.343.343.3-1.1.0....0...1c..64.psy-ab..0.1.342....0.gATSVgCcz5k

CollyFlower wrote: »

Can the hackers get card details? I've been trying to change details on AliExpress and there is no option to change, I go to 'my account' but there's no option to change the password or email, even on the desktop site.

They can if you use the same details on other sites that the card details are visible, or sites where you may have saved photographs backed up of details that you may need etc.

degsie wrote: »

Don't see the BA here, has the hacked info been reduced in price?

It should be in Freebies :pac:

long_b

I really really really wouldn't download a password manager from ANY other site than the official website.

I use LastPass, I'd recommend it but there are others that are nearly equivalent.

It has a tool (which I haven't used) that resets your password for you on the more commonly used sites. Possibly better to do it yourself though but keep all the passwords in your password manager

I'd start with changing the password for your email accounts, that's the main point of weakness. Then on to your more commonly used sites (amazon, ebay)

If you're really worried you could get your credit card disabled temporarily while you do this. And watch your credit card statements for suspicious purchases or small test transactions

Esel

Apparently LastPass is now free for personal users.

matchthis

I did have same as amazon so changed that first as if details were taken, im guessing it'd be one of the first places that would be used

rgodard80a

degsie wrote: »

Don't see the BA here, has the hacked info been reduced in price?

It could save boardsies a lot of time and money to take steps to secure their accounts after this breach. Although you were only being pedantic.

I certainly appreciate the posting here where it's visible.

Kat1170

rgodard80a wrote: »

It could save boardsies a lot of time and money to take steps to secure their accounts after this breach. Although you were only being pedantic.

I certainly appreciate the posting here where it's visible.

Ignore him, he's just the first of the Me! Me! Me! crowd to turn up. The rest will probably be along soon with their smartar$e comments.

I use a different username and password for every site. I keep them all written down in a notebook. Some will say this isn't the safest thing to do, bit I reckon it's safer than using the same info on multiple sites. Use the same email address alright so I'll change the p/w on that to be safe.
Cheers OP

beauf

Very helpful that it was posted here where its like those users will be.

Cienciano

beauf wrote: »

Very helpful that it was posted here where its like those users will be.

You'd be waiting a while for gearbest to post it

Kuva

Cienciano wrote: »

You'd be waiting a while for gearbest to post it

On their forum They're still linking to that fake xiamoi site that "confirms" the fake stuff they sell is actually real.

Davy

Moved to Consumer Issues from Bargain Alerts now as most poster would have had chance to see it.

CI charter now applies.

MOH

Deleted User wrote: »

My 2 primary gmail accounts were on that site on 7 separate listings! It will be a long day at work changing my password on every site I am registered with.

Mine's on 8 - including Adobe, Disqus, Dropbox, LinkedIn and Paddy Power.
The sooner these muppets start facing hefty fines for such breaches the sooner they might start taking security seriously.

Suckit

https://www.facebook.com/gearbest/posts/1685456898169605

Dear Valued Customers,

We kindly bring your attention to the fact that some unidentified hackers gained large amounts of personal data from other websites and are trying to use this data to deceptively sign into Gearbest. Immediately after identifying this irregularity, we have frozen a few hundred affected accounts and updated our IT system for suspicious IPs. The situation is completely under control.

However, for your personal account security, we kindly recommend that you change your password if you feel that it is too simple (password with a combination of letters, numbers and symbols are considered to be more complex). At the same time, we also recommend that you do not use the same email address and password on different websites.

We will always be 100% committed to maintain our website as a safe and reliable place for your guaranteed shopping experience.

If you have any queries or may need any assistance, please contact our Support Team

Yours Sincerely

Gearbest.com

Security Update ：For your safety and security we have added a new verification code system for all customers when logging into Gearbest.