Jump to content

Holland America Data Breach Scam


Recommended Posts

Just an FYI, I received a scam email today requesting money. I’m attaching screen shots. The email shows my password as “proof” of who I am. 
 

The only place I use the password that was listed is for Holland America. I contacted local law enforcement and they said this is a common scam during a data breech. 
 

So, please update your password on Holland America if you haven’t already. 

C44FBB34-F769-458E-BD1F-9BF1AD755E5D.jpeg

6866AE3B-6914-421E-BC67-E78DE15AD02A.png

Link to post
Share on other sites

It would be hilarious if I got this considering I don't have a webcam.

 

Is this from the breach that occurred in April of last year? If so, I should be good since I didn't have a HAL account then.

Link to post
Share on other sites

I got the same email today but the password they said I used was from a travel site long since disappeared. It was not my Hal password. And it hasn’t been used for six years or so. 

Link to post
Share on other sites
44 minutes ago, lindaler said:

I got the same email today but the password they said I used was from a travel site long since disappeared. It was not my Hal password. And it hasn’t been used for six years or so. 

Wow! Good to know. 

Link to post
Share on other sites
8 hours ago, lindaler said:

I got the same email today but the password they said I used was from a travel site long since disappeared. It was not my Hal password. And it hasn’t been used for six years or so. 

I recived the same email also and the password was not HAL  it was a password I retired about 4 years ago.

I use a password manager with unique passwords for every site.

 

The OP should change the password on any sites they used that password on. It's on a list that has been sold from one or more breaches.

 

A

 

 

Link to post
Share on other sites

I've been receiving the sextortion emails at my work for several months. They're quite vivid in their description of my 'activity' while viewing porn sites. The emails have become more creative within the last month. Now instead of forwarding my acrobatic video, they're threatening to infect my family with COVID-19. Wonder how they would do that????  Incidentally I'm a woman and a senior citizen without a webcam. 😉

Link to post
Share on other sites
7 hours ago, AlanF65 said:

I recived the same email also and the password was not HAL  it was a password I retired about 4 years ago.

I use a password manager with unique passwords for every site.

 

The OP should change the password on any sites they used that password on. It's on a list that has been sold from one or more breaches.

 

A

 

 

Same here - I have no repeated passwords, so if one gets stolen, it's just a simple matter of changing that one.

 

You'd think passwords would be stored encrypted though so the hackers don't get anything useful. Now, if our saved credit card numbers aren't encrypted, that'd be criminally negligent...

Link to post
Share on other sites

Got similar one today with the HAL site password in the subject line.  I also use this password on rather harmless, I felt, sites and have it on a password manager.  I changed all same passwords used elsewhere and am not going to use the password manager any more. 

Link to post
Share on other sites
3 hours ago, acis said:

Got similar one today with the HAL site password in the subject line.  I also use this password on rather harmless, I felt, sites and have it on a password manager.  I changed all same passwords used elsewhere and am not going to use the password manager any more. 

I don't know what password manager you use but the breach most likely came from one of the websites that got hacked, not your password manager.

I use Roboform, have for years, use it generate different passwords for every site, the password the scraped had all been updated so it was years old information. The security center shows me where passwords are reused and when they are last changed or used.

 

image.thumb.png.2b6d0bda810a7e7f6977fe47e7307a11.png

 

image.png.7a28b20af21fca9d59e55e0503bc51bc.png

 

 

Before they had an android version I used some simple password for some sites I accessed from my phone, once it worked on my phone I changed all the weak duplicate passwords except a few.

 

A-

Edited by AlanF65
Link to post
Share on other sites
21 hours ago, catl331 said:

Are you sure? For most people these days it's built-in above their preferred screen.

As poster mentioned receiving the mail at work it could well be a desktop pc with separate monitor, which will not usually have a webcam.

Link to post
Share on other sites
14 hours ago, AlanF65 said:

I don't know what password manager you use but the breach most likely came from one of the websites that got hacked, not your password manager.

I use Roboform, have for years, use it generate different passwords for every site, the password the scraped had all been updated so it was years old information. The security center shows me where passwords are reused and when they are last changed or used.

 

image.thumb.png.2b6d0bda810a7e7f6977fe47e7307a11.png

 

image.png.7a28b20af21fca9d59e55e0503bc51bc.png

 

 

Before they had an android version I used some simple password for some sites I accessed from my phone, once it worked on my phone I changed all the weak duplicate passwords except a few.

 

A-

Agreed, there's never been passwords leaked from a password manager. (LastPass got hacked at one point but it was just customer data, not passwords.) I'd definitely still recommend a password manager since the alternative is using the same password everywhere (and having to change all of them when one gets compromised).

 

LastPass and 1Password (in addition to Roboform mentioned above) are the major ones; if you're leery of cloud services, there's a free and open source one called Keepass that stores its data locally (ideal if you just have one computer, but be sure to save a backup!). There are mobile versions as well, and you can store the data on a cloud drive (Dropbox, Google Drive, etc.) if you want your passwords synced between devices. This is the method I use and it works well.

Link to post
Share on other sites
On 4/9/2020 at 11:49 PM, AlanF65 said:

I recived the same email also and the password was not HAL  it was a password I retired about 4 years ago.

I use a password manager with unique passwords for every site.

 

The OP should change the password on any sites they used that password on. It's on a list that has been sold from one or more breaches.

 

A

 

 

Thanks! Password has been changed. I also use unique passwords for every site so it was easy to know this one was from HAL. 

Link to post
Share on other sites
On 4/10/2020 at 2:36 PM, AlanF65 said:

I don't know what password manager you use but the breach most likely came from one of the websites that got hacked, not your password manager.

I use Roboform, have for years, use it generate different passwords for every site, the password the scraped had all been updated so it was years old information. The security center shows me where passwords are reused and when they are last changed or used.

 

image.thumb.png.2b6d0bda810a7e7f6977fe47e7307a11.png

 

image.png.7a28b20af21fca9d59e55e0503bc51bc.png

 

 

Before they had an android version I used some simple password for some sites I accessed from my phone, once it worked on my phone I changed all the weak duplicate passwords except a few.

 

A-

Agreed, was just too lazy, but I will probably get a password generator software.  It must have been the HAL breech because there was no scam emails mentioning the unique passwords I had stored.

Link to post
Share on other sites
1 hour ago, acis said:

For me it wasn't Marriott's site.  Just got another scam email today.

Me too, last week they wanted $1,900 or they were going to post the vids of all my supposed acts, today its up to $2,000.

 

Link to post
Share on other sites
5 hours ago, acis said:

For me it wasn't Marriott's site.  Just got another scam email today.

 

4 hours ago, AlanF65 said:

Me too, last week they wanted $1,900 or they were going to post the vids of all my supposed acts, today its up to $2,000.

 

 I, also, got another email today and it went from $1900 to $2000 as well. 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Forum Jump
    • Categories
      • Thank You for 25 Years - Click for Fun Stuff!
      • Forum Assistance
      • Q&A: Cruise Insurance with Steve Dasseos of TripInsuranceStore.com - June 2021
      • New Cruisers
      • Cruise Lines “A – O”
      • Cruise Lines “P – Z”
      • River Cruising
      • ROLL CALLS
      • Digital Photography & Cruise Technology
      • Special Interest Cruising
      • Cruise Discussion Topics
      • UK Cruising
      • Australia & New Zealand Cruisers
      • Canadian Cruisers
      • North American Homeports
      • Ports of Call
      • Cruise Conversations
×
×
  • Create New...