Identity theft monitoring alert

General Topics
1

I am posting to see if anyone else has had this happen. Due to a huge data hack of my health insurance company I was offered free credit and identity theft monitoring for a period of time. The service I use monitors various personal information including e-mail addresses. On 10/11, I received an e-mail alert notifying me that they had found my e-mail address had been “found” online and the following info:

"The following data was found compromised with your email address.

Email
(it goes on to list my e-mail address)

Password

Potential Site
forum.avast.com"

Don’t know what they mean by “potential site”. I do know that it’s been 2 years since I have viewed or posted anything on the Avast user forum. Not sure whether I should delete my Avast forum account entirely or just change my forum account password (since there is no option to change my user name). I have already changed the password for my e-mail account.

Thanks for any advice or information.

2

They are warning for something that happened over 2 years ago.

https://forum.avast.com/index.php?topic=191824.msg1343001#msg1343001

3

Maybe you should find a better service to warn you. If it takes 2 years, the cat is long out of the bag.

4

Likely it is a automated process that they are using.

  • Someone posted the list with email addresses again somewhere on the (dark) web
  • They found that list
  • As it is just posted, it is treated as a new list (although it is not)
  • As they consider it to be a new list, a warning goes out to the people on that list

If they have a human check things before sending out the warning, this would likely not have happened.

As multiple services are sending out the warning at about the same time, it seems they are sharing information.
If that is so, they could be violating privacy laws.
In my country it is not allowed for a company to share a database with email addresses with others.

5

Thank you Eddy for the explanation of how the “process” works. To Bob - I was offered this service by the health insurance company who experienced the data breach. There was no choice in what service to use. Since it was free, I thought “what the heck, can’t hurt”. I guess I can continue to expect to get periodic alerts that my e-mail address has been “compromised” based on events from ancient history or the re-sharing or selling of lists containing it. I’m sure the address is out there on the “dark web” on numerous lists, since I’ve had the same account for literally decades. I just wanted to make sure that something new hadn’t happened specifically regarding the Avast forum. Thanks again for your responses.

6

Is this familiar: http://www.modernhealthcare.com/article/20160330/NEWS/160339997 If it is, it effected millions and still
plagues them today. :cry: