GMX.com Hacking

[kaptitsky]

I got some funky e-mails from an old GMX.com account so I went to login.

In my spam folder, there were 92 backscatter mails, error messages returned from mail sent from my account.

Logging in GMX demanded I change my password because of suspicious activity on my account.

Their inference was that I had let my password out, but I know that that they had let their system be breached, either with access to user information or little resistance to brute force attacks.

Admins love to blame users for password breaches, but the odds that somehow, someone got into my computer or my head are small. Much, much more likely that their security was breached. Bank robbers target banks, not individual depositors; much more productive.

Anyway, if you have a GMX account, even an old one, you might want to login and change your password.

They have a problem.

[kaptitsky]

I did as requested and changed my password and then deleted all mail and all contacts to leave the GMX account empty.

I have another large bout of backscatter today, though, though no warning that my account has been breached again. The spammers appear to have their own access to previous contents of the box and continue to send flights of spam.

[David]

Quote:

Originally Posted by kaptitsky

Logging in GMX demanded I change my password because of suspicious activity on my account.

Their inference was that I had let my password out, but I know that that they had let their system be breached, either with access to user information or little resistance to brute force attacks.

Though I do not have a GMX account, if that turns out to be the case, the fact that they were not upfront and honest with me, would be a greater concern than the fact that their systems were breached.

[chrisretusn]

I normally POP my GMX.com account. I just logged in, no issues, clean Inbox, clean Spam.

[Just Bill]

I haven't trusted GMX since they went through that period of locking up accounts under the pretense of preventing spam. As far as I'm concerned, they're a fly-by-night organization that I would not trust to handle my email.

[pyedka]

I've been using gmx as one of my main mailboxes via IMAP. So far I don't have much issue with it. Of course there are some spam which usually land in the spam folder.

Will keep an eye on it.

[jarland]

Quote:

Originally Posted by kaptitsky

Admins love to blame users for password breaches, but the odds that somehow, someone got into my computer or my head are small. Much, much more likely that their security was breached. Bank robbers target banks, not individual depositors; much more productive.

Anyway, if you have a GMX account, even an old one, you might want to login and change your password.

They have a problem.

Customers love to blame admins because they think they are more vigilant about their own security than a full team of server admins typically is. Quite frankly, admins get accused of having security holes by customers who have their passwords compromised constantly. A company should not halt all service, notify all customers, or perform full security audits every time a customer fails to manage their own security or take responsibility for it. Customers should not wield that kind of authority over a company's security protocols, unless customers are willing to pay for the admin time to perform said security audits.

Now that isn't to say that you are to blame or that they were not, in fact, compromised. However, take a step back for a second. Search Twitter. How many others are complaining publicly of this happening within the last 2-3 months? Do you believe that someone breached their servers and singled out you alone, reversed your password hash, then logged in directly to webmail under your account to send a few spam emails?

Logical deduction from your perspective is not sufficient to reach a conclusion. You must perform an investigation as deeply as you would have them perform to make such an accusation.