I just got a notification that my password was in a data breach, but it’s a strong, unique one I only use for my banking site. I’m trying to figure out if this means my actual bank account was compromised or if it’s just that the password hash was found somewhere else.
|
What should I do if my banking password appears in a data breach?
|
JohnTM
Junior Member
DavidL
Junior Member
Hard to tell from here. If that password was only for your bank, the alert usually means the hash or the dump containing it showed up somewhere, not that your actual login was used. Banks store salted hashes, so a leaked hash alone isn0t enough to get in. The real risk is if you reused it elsewhere or someone got the hash and tries variants.
Daniel_G
Junior Member
Yeah, I got something similar once. I checked that bank account's recent logins and there was nothing obvious. I changed the password anyway, even though it was unique to that site, and turned on alerts for big withdrawals.
JosephW
Junior Member
I keep thinking maybe the alert is noisy. The data piece could be old, a random hash dump, and nothing correlates to your bank. It wears on you though.
|
|
« Next Oldest | Next Newest »
|
