Gearbest usernames and passwords leaked online

Cienciano

This is on a few reddit subs, but if you use gearbest, change your password. 150 accounts, passwords and other account information was leaked online.

https://www.androidauthority.com/gearbest-email-password-hack-leak-breach-825005

https://www.reddit.com/r/Android/comments/7l7ug4/psa_gearbest_customer_details_including_passwords

Not sure where to post this, but it's a popular site with people here.

scudzilla

Cienciano wrote: »

This is on a few reddit subs, but if you use gearbest, change your password. 150 accounts, passwords and other account information was leaked online.

https://www.androidauthority.com/gearbest-email-password-hack-leak-breach-825005

psa_gearbest_customer_details_including_passwords

Not sure where to post this, but it's a popular site with people here.

With the people who run boards maybe, cos Gearbest pays, to most others they're a joke of a site

Cienciano

Was meant to say "online" in the title instead of only. Damn predictive text

But if you read the thread on it, gearbest do no seem to be treating it seriously. If you use the same password on gearbest for anything else it would be worth changing them too.

long_b

100% it's going to turn out to be many, many more than 150 accounts.
Probably the 150 accounts were thrown up on pastebin so potential buyers could check what they'll be getting in a bigger data dump.

Cienciano

Definitely doesn't fill you with confidence. I'm sure they'll email all their customers and warn them of the security breach :pac:

vicwatson

They haven’t yet anyway :eek:

Dixon

The 150 addresses have been loaded into https://haveibeenpwned.com/ if you want to check you're affected

Jurgen Klopp

scudzilla wrote: »

With the people who run boards maybe, cos Gearbest pays, to most others they're a joke of a site

Gearbest are like the dodgy Irish builders and boards are like Basil Fawlty except its payments as opposed to being cheap workers

rom

Jurgen Klopp wrote: »

Gearbest are like the dodgy Irish builders and boards are like Basil Fawlty except its payments as opposed to being cheap workers

nah most sites are this crappy

bryan06

I had my account used to purchase an expensive computer probably with a stolen Paypal account. I contacted them to get them to cancel the order and they said:

Your order is still pending payment so it will not be processed. Please consider it cancelled as long as you do not proceed with payment.

So they were still willing to go ahead with the order as long as the payment went through. What a scam of a website, its great that Boards get money for Gearbest to advertise there website and counterfeit goods to us!

myshirt

Dixon wrote: »

The 150 addresses have been loaded into https://haveibeenpwned.com/ if you want to check you're affected

Nice try

Kintarō Hattori

myshirt wrote: »

Nice try

Crap, I didn't look at how many posts that poster had..... I filled in my email address.

long_b

That site is fine, trusted and recommended all over the place for years.
Some people just don't post much

Kenjataimu

long_b wrote: »

That site is fine, trusted and recommended all over the place for years.
Some people just don't post much

Yeah it's a legit website.

https://haveibeenpwned.com/About

I'd recommend following that guy on twitter, it's a bit crazy how regular these hacks are happening.
https://mobile.twitter.com/troyhunt

GBX

One of my emails came up on that pwned site. I change passwords regularly and havent noticed anything out of the ordinary in bank or paypal statements.

rom

Best practice is 2 factor on anything that is important i.e. banking, email, google, linkedin ,paypal, facebook (not important but is used to login to a lot of other stuff).

My 2 primary gmail accounts were on that site on 7 separate listings! It will be a long day at work changing my password on every site I am registered with.

Boards.ie: Niamh

Just FYI I have asked Gearbest to update users in their own sponsored forum about this issue and if it has been rectified as soon as they can. However the rep hasn't been online for a couple of days so they may be taking a festive break. Thanks guys.

Gearbest reps are posting this on their facebook and various forums:

Dear Valued Customers,

We kindly bring your attention to the fact that some unidentified hackers gained large amounts of personal data from other websites and are trying to use this data to deceptively sign into Gearbest. Immediately after identifying this irregularity, we have frozen a few hundred affected accounts and updated our IT system for suspicious IPs. The situation is completely under control.

However, for your personal account security, we kindly recommend that you change your password if you feel that it is too simple (password with a combination of letters, numbers and symbols are considered to be more complex). At the same time, we also recommend that you do not use the same email address and password on different websites.

We will always be 100% committed to maintain our website as a safe and reliable place for your guaranteed shopping experience.

If you have any queries or may need any assistance, please contact our Support Team

Yours Sincerely

Their explanation is that the hack originates from other sites. I don't know how true/reliable that claim is.

Some users on reddit are saying the Gearbest mobile application was the source of the hack.

Don Kiddick

Boards.ie: Niamh wrote: »

Just FYI I have asked Gearbest to update users in their own sponsored forum about this issue and if it has been rectified as soon as they can. However the rep hasn't been online for a couple of days so they may be taking a festive break. Thanks guys.

It's China...

Caliden

Deleted User wrote: »

My 2 primary gmail accounts were on that site on 7 separate listings! It will be a long day at work changing my password on every site I am registered with.

I use a throwaway password on sites I don't give a fiddlers about. A different one for sites I do care about and then a separate password for my email accounts.

Of course google chrome stores all my passwords just in case on passwords.google.com

McMurphy

Deleted User wrote: »

Gearbest reps are posting this on their facebook and various forums:


Their explanation is that the hack originates from other sites. I don't know how true/reliable that claim is.

Some users on reddit are saying the Gearbest mobile application was the source of the hack.

Trojan

Just signed in with my password (unique from a password manager). If they were hacked they should have forced a reset across all users. I've set it to a new unique password - not that it will make much difference from the looks of their approach to security.

slave1

Kenjataimu wrote: »

Yeah it's a legit website.

https://haveibeenpwned.com/About

I'd recommend following that guy on twitter, it's a bit crazy how regular these hacks are happening.
https://mobile.twitter.com/troyhunt

Setup a brand new email address, went to that site and it was listed when I typed it in?
Legit me hole

Fr_Dougal

There will be 100k’s affected. Anyone with an account should change their password now.

long_b

slave1 wrote: »

Setup a brand new email address, went to that site and it was listed when I typed it in?
Legit me hole

I just tried a random Gmail one and it wasn't listed
Did you try a Yahoo account by any chance?

userfriendly

slave1 wrote: »

Setup a brand new email address, went to that site and it was listed when I typed it in?
Legit me hole

The creator Troy Hunt is renowned as an expert on data breaches and spoke at Congress in the US lately so yeah it's legit.

What email provider did you set up the account with? Some recycle usernames, as stupid as that seems

Dixon

slave1 wrote: »

Setup a brand new email address, went to that site and it was listed when I typed it in?
Legit me hole

It's legit and a good resource for breaches like this. The domain you set up the email address on may have been compromised

Snopes.com even links to it for breaches: https://www.snopes.com/2017/08/31/spambot-email-addresses/

I'm a good guy I swear

Dixon

Caliden wrote: »

I use a throwaway password on sites I don't give a fiddlers about. A different one for sites I do care about and then a separate password for my email accounts.

Of course google chrome stores all my passwords just in case on passwords.google.com

Good policy on varying your passwords but with this the concern is the linked name and addresses were also leaked which good password policy does not protect you against unfortunately

what could they do with your account in any case?
unless you store a credit card on it?

Suckit

There are more the 150 affected. I found a few dumps on Pastebin between 5 - 15 users per dump, I checked usernames in the list at random and was able to log in to every account i tried.
The dumps seem to have been happening since at least early November.