[HLUG] Odd security email

Julian Robbins joolsr1 at gmail.com
Sun Oct 13 11:28:10 UTC 2019


Hi Everyone

I just received the email purporting to be from booking.com

First time I've seen an email quite like this.

Read the message below then come back.

Firstly, if they say they think my password has been compromised but via
another unconnected site . If it's unconnected how do they know my password
has been hacked? Perhaps they routinely run passwords against the 'have I
been owned list' ?

It is very good security advice they give especially regarding changing
passwords and enabling TFA, but how do they know my password on a site
unconnected to them?

Answers in a postcard please?

Julian




As a precaution, you need to reset your Booking.com password

Hi Julian,

We're getting in touch to let you know we have temporarily locked your
Booking.com account.

During routine security monitoring, we discovered that your login
credentials may have been compromised via another site unconnected to
Booking.com. Because many people use the same email and password
combinations across multiple sites, we have temporarily locked your account
as a precaution. Your Booking.com account is safe and has not been
compromised.

To access your account again, you simply need to reset your password. We
strongly advise you to do the same for any other sites and services where
you use the same password, creating a strong, unique password for each one.

Resetting your password can be done in four easy steps:

   - Go to the Booking.com homepage
   - Select ‘Sign in’ at the top of the homepage
   - Click the ‘Forgot your password?’ link
   - Enter your email address and we’ll send you a link to reset your
   password

Enabling two factor authentication (where an additional log-in code is sent
to you, usually via a mobile device) is also one of the best ways you can
ensure the safety of your online accounts. You can enable this for your
Booking.com account in the Security tab on your Booking.com account
settings.

We take your security and privacy very seriously, and will contact you
quickly if we notice anything unusual in the future.

Many thanks,

The Booking.com Security Team


More information about the Herefordshire mailing list