Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.
User profile for user: Aqellezra
Aqellezra Author
User level: Level1 44 points
Is there any way to find out what website the data leak was from when getting this on my iphone settings?
I want to find the culprit for me now having to change my password used on 59 other sites
[Re-Titled by Moderator]
iPhone 11
Posted on Sep 29, 2020 9:22 AM
Question marked as Top-ranking reply
User profile for user: Stulynn1000
Stulynn1000
User level: Level1 11 points
Posted on Nov 7, 2020 5:33 AM
I have a similar scenario, receiving a notification on my iPhone that approx 80 of my username/passwords are the subject of a data breach. However many of my passwords on this notification are different. Ie, not the same password across all sites. I often use a similar password but with different letters or numbers at the end.
Some of these notifications even related to my wife's email addresses and passwords, and one was my sons school log-on with different passwords.
So how can it be that all these websites have suffered data breach at the same time??
I can understand the concept of, say, a retailers website getting hacked and suffering a data breach that contains a list of all its customers including my email and password. And I get that as a precaution Apple may notify me about a potential breach for any other websites where I may have the same email & password combination. But why would I be notified of many other passwords being at risk? Is it because they may contain 'part' of the same password? But that still doesn't explain the notifications relating to my wife and sons passwords which are nothing like mine.
Its almost as if Apples whole key chain password app in my iPhone has been compromised and its spat out all the ones that don't contain a 18 key encryption.
I'm slowly working through them all again and changing them.
Thanks
View in context
Similar questions
- Password Has Appeared in a Data LeakWhat does it mean exactly when you get the data leak message for saved password to different sites in your iPhone setting? 22583
- Data leakAll of my important passwords including Snapchat, bank of Scotland, gmail etc. have shown up on a data leak and I cannot change my password. This happened after I updated my phone.could I get some help please? 8671
- Password in data leak notificationI received a notification on my iphone X about half an hour ago to say my password had appeared in a data leak. It listed the sites/passwords I needed to change. How do I find the notification again? Have looked in password and security, bot on my phone and my Mac - no joy. I just need to find it so that I can change my compromised passwords. Any help gratefully received. Thanks 28091
133 replies
Loading page content
Page content loaded
Question marked as Top-ranking reply
User profile for user: Stulynn1000
Stulynn1000
User level: Level1 11 points
Nov 7, 2020 5:33 AM in response to Aqellezra
I have a similar scenario, receiving a notification on my iPhone that approx 80 of my username/passwords are the subject of a data breach. However many of my passwords on this notification are different. Ie, not the same password across all sites. I often use a similar password but with different letters or numbers at the end.
Some of these notifications even related to my wife's email addresses and passwords, and one was my sons school log-on with different passwords.
So how can it be that all these websites have suffered data breach at the same time??
I can understand the concept of, say, a retailers website getting hacked and suffering a data breach that contains a list of all its customers including my email and password. And I get that as a precaution Apple may notify me about a potential breach for any other websites where I may have the same email & password combination. But why would I be notified of many other passwords being at risk? Is it because they may contain 'part' of the same password? But that still doesn't explain the notifications relating to my wife and sons passwords which are nothing like mine.
Its almost as if Apples whole key chain password app in my iPhone has been compromised and its spat out all the ones that don't contain a 18 key encryption.
I'm slowly working through them all again and changing them.
Thanks
Link
User profile for user: kitt161
kitt161
User level: Level1 4 points
Oct 18, 2020 4:02 PM in response to Aqellezra
i bought an iphone 8 plus on ebay and right when i was signing in to all my accounts that i used before it always says its been in a data leak, i want to know if this is from me buying an iphone from ebay or if its just like those scam phone calls you get when they ask for your credit card information. 
an example of one of the passwords that has been “leaked.” i just want to know if i have to change all my passwords, even my apple id.
Link
User profile for user: voxapple
voxapple
User level: Level1 10 points
Sep 30, 2020 10:17 AM in response to Johnathan Burger
I use unique passwords on all sites and have had this warning for several sites that use 5 or 6 figure number PIN's as their password (which are all different by the way).
Does this mean that:
- it has actually identified the website with my account username and password combo has been leaked, or
- just that these 5 or 6 figure number PIN's have been found on a compromised list for "someone"?
Clearly 1 causes me great concern but 2 would seem reasonable, in that there will be numerous people worldwide that would randomly choose the same 5 figure number, of which some poor sole has had their data breached.
Link
User profile for user: Lawrence Finch
Lawrence Finch
User level: Level10 207,414 points
Mar 28, 2021 10:46 AM in response to jarkko274
So you are advocating NOT changing a password that has been leaked?
Link
User profile for user: MrHoffman
MrHoffman
Community+ 2024 User level: Level10 122,219 points
Oct 1, 2020 7:13 PM in response to Aqellezra
Okay, here’s how this scheme works. Some service gets breached. There are lots and lots of service breaches, too.
Every password associated with each account listed in that and in every other breach is then tried on every other service.
Continuously.
Forever.
Re-use a password, and some miscreant will now have access to that service, and whatever additional access can be gained from there. Access ro an Apple,ID (and particularly one without two-factor enabled) is a Bad Day for the account holder, too.
Put differently... Duplicate passwords will get found, just as soon as there’s one been included in a server breach.
And if Apple is reporting this diagnostic, then the password is known to be associated with the account. Bad Day.
As for determining the number of breaches thar an email address has been found, see
Further reading over there will provide further background, too.
Resetting the phone is not necessary. Unique passwords are strongly suggested. Two-factor on important accounts such as your Apple ID, too.
Link
User profile for user: ayan244
ayan244
User level: Level1 4 points
Dec 29, 2020 2:03 PM in response to Aqellezra
Hey guys i got the same message so i clicked on it and it took me to the page with all leaked sites. I was gonna change all my passwords later so i turned my phone off. But now i can’t find the page again to change my password. Do y’all know where it is?
Link
User profile for user: Bbrokmeier
Bbrokmeier
User level: Level1 10 points
Dec 5, 2020 7:26 PM in response to Aqellezra
I was informed by Apple that all my passwords were part of a data leak. I don’t use my Apple password for anything except for Apple which means that they had the data leak. They are also telling me that every other password I have was leaked so they leaked all of my passwords?! What the heck happened?!
Link
User profile for user: Lawrence Finch
Lawrence Finch
User level: Level10 207,414 points
Jul 31, 2021 6:04 PM in response to boredumb
No, the warning is not a scam. Here is a lengthy explanation of how the leaked password warning is generated→Password Monitoring - Apple Support
To summarize, the leaked password list that is used for the leaked password warning came from hundreds of sites that have been hacked over the past several years (remember Equifax, that had 150 million accounts stolen, or Marriott that had over 200 million?), and the passwords have been found for sale on the dark web. There’s also a site where you can check your passwords and user IDs to see if they are on compromised password lists→https://haveibeenpwned.com. Google also has access to leaked password lists, and if you store passwords with Chrome those will be checked against these lists also.
This link describes how other warnings (weak password, reused passwords) work→Password security recommendations - Apple Support
Link
User profile for user: Johnathan Burger
Johnathan Burger
User level: Level9 67,387 points
Sep 29, 2020 10:28 AM in response to Aqellezra
You will never find the culprit.
Look at the news, many websites and companies are breached.
Many of them don't follow best practices of security by salting and hashing passwords.
It is estimated that 15 billion passwords are available to buy on the dark web.
Your best bet is to use a password generator to create a unique password for each and every website.
iOS has one built in, keychain:
https://support.apple.com/guide/iphone/automatically-fill-in-strong-passwords-iphf9219d8c9/ios
You can also use a service such as 1password or lastpass.
Link
User profile for user: Silverjoystix
Silverjoystix
User level: Level1 4 points
May 7, 2021 1:50 PM in response to ACliveB
This is the million dollar question no one else is asking. How does Apple know?
Link
User profile for user: jwpinnacle
jwpinnacle
User level: Level1 11 points
Nov 9, 2020 4:58 PM in response to Aqellezra
What’s going on - everyday I seem to be getting this message even after I-have updated my password.
I go into FB and I find my account is active 90 miles away - do a security check with FB nothing wrong but apple keeps saying password leaked-
Link
User profile for user: tutu786
tutu786
User level: Level1 12 points
Dec 2, 2020 11:39 PM in response to MrHoffman
But to keep passwords for every websites is insane. How can we remember those passwords? If this is the solution then it sucks. Normal people can't remember each and every password (now you will tell that you don't have to remember the password but instead your phone or computer will do it. Unfortunately, Life is not that simple.
Cyber researchers have to work more hard on solving this problem.
Link
User profile for user: Lawrence Finch
Lawrence Finch
User level: Level10 207,414 points
Dec 3, 2020 7:06 AM in response to tutu786
tutu786 wrote:
But to keep passwords for every websites is insane.
No, it is not only sane, it is the ONLY way to stay relatively safe. If you use the same password for multiple sites it pretty much guarantees that you will be hacked. Use a password vault app so you don’t have to remember any of them. If you use only Apple products the built in Keychain will do nicely. But all major web browsers also have the ability to save your passwords, including Firefox, Safari, Opera, Chrome, etc. And there are quite a few 3rd party password vaults; here are some (not a complete list):
- 1password (generally considered the best)
- lastpass
- SplashID safe
- Dropbox Passwords
All of these work the same way. They store your passwords using strong encryption, and you only have to remember one password for the app itself to find any password and have it entered automatically into the website or app.
Link
User profile for user: royce19
royce19
User level: Level1 15 points
Aug 10, 2021 3:11 AM in response to ACliveB
haveibeenpwned contacts multiple famous services such as wattpad and mathway, etc to see if they have been exposed to hackers and accounts have been sold or leaked, and might also confirm that your email or phone-number is part of that list.
This methodology has some limitations however, as it relies on companies actually admitting and giving a record of emails stating that they have been hacked.
Contrastingly Apple's Keychain services use a different method. Like many VPN services like NordVPN, Keychain actually references many deep web links to compromised accounts and immediately contacts the owner. Quote:
"To verify whether a password not present in the local list is a match involves some interaction with Apple servers. To help ensure that legitimate users’ passwords aren’t sent to Apple, a form of cryptographicprivate set intersectionis deployed that compares the users’ passwords against a large set of leaked passwords. This is designed to ensure that for passwords less at risk of breach, little information is shared with Apple. For a user’s password, this information is limited to a 15-bit prefix of a cryptographic hash. The removal of the most frequently leaked passwords from this interactive process, using the local list of most commonly leaked passwords, reduces the delta in relative frequency of passwords in the web services buckets, making it impractical to infer user passwords from these lookups."
(in short cutting through the bull-**** (excuse the french)) and is way faster and more secure of a system. Heres a link to apples website that explains it sort of well: Password Monitoring
Hope this helps!
Royce
Link
User profile for user: MrHoffman
MrHoffman
Community+ 2024 User level: Level10 122,219 points
Jul 31, 2021 7:45 PM in response to boredumb
For implementation details, see:
https://manuals.info.apple.com/MANUALS/1000/MA1902/en_US/apple-platform-security-guide.pdf#page132
On iOS and iPadOS, see: Settings > Passwords > Security Recommendations
On macOS, it’s hidden in Safari > Preferences > Passwords
If you’re getting notifications, one or more of your passwords may well be headed for trouble,
Link
"This password has appeared in a data leak" notice on iPhone
