|
>Can someone more knowledgeable than me explain how my passwords could have been leaked from Google or Apple? Or is this just bad reporting? A lot of this data, probably 95% + is from mass leaks from hacked sites. Hacked some non-google non-apple site, maybe 3 years ago, maybe 10. Your login to that site is your email (@gmail.com) so there you go. your email may be in there several times with different passwords, corresponding to several hacked sites. if on whatever site, dropbox (which had been hacked this way), your dropbox login is same as google login.. there you go, that's how they did it. some hacked sites have your password in plaintext, some with a weak hash algorithm which easily got reversed, either way, outcome is your password is known rest of the passwords are from something now becoming more popular which are "stealer logs" - basically malware that's taking screenshots, scanning for bitcoin wallets, keylogging credentials, steam info etc, and logging it all. the stealer type systems have caught me eye in the past few years, the 2020s, but I'm sure that community existed prior, and certainly this type of software goes at least as far back as the '90s. |