- Joined
- Aug 20, 2011
- Messages
- 6,315
- Reaction score
- 1,125
We have cox for internet. I have my main account, with a very long and complicated password which I don't use for emails and then several email accounts all with unique passwords under it. Because of a previous breach with my account at cox (6 years ago), I don't use my cox email for anything that has to do with money or anything else that I deem important.
I checked my google email last night and saw that I had an email from cox saying that I changed the pass on my other cox email and that the change occurred from the main account. I tried to log into both accounts and both had the passwords changed. I told my husband to check his personal and business emails that were under that main cox account and both of those were changed. He had just been on his email less than an hour earlier, so we caught it quickly.
I went on livechat and they changed all the passwords for me and offered to sell me McAfee for cox, but I had been texting with my cyber security daughter and she already had me running windows defender. So, the odd thing is that the change was made from my primary account, which I don't use for anything other than paying the bill. It's not a password that someone could get out of guessing and I think it would take months to get from brute force. I have my passwords on my computer in KeePass. At this point, it seems like Cox email was the only thing that was compromised.
My daughter had me call cox and ask them how someone got into my main account. They wouldn't tell me that, just that the change showed up from earlier when the livechat agent changed it for me and there were two email verifications sent earlier, both to an email address that I never heard of - which my daughter looked up and it belongs to a chiropractor in a different state. My daughter said that email was probably compromised, too. I asked cox if they could see where the person was located who made the changes and she said she couldn't tell me that and suggested that I set up 2 factor auth, which I already did before I called them. I asked specifically if the password changes came from in house and she said that if I set up 2 factor my account would be safer now. Sounds sketchy to me. I just don't see how someone could get control of the main account like that. I don't even know when the last time was that I logged into that account. It's basically just a placeholder for everything else that we do there.
I checked my google email last night and saw that I had an email from cox saying that I changed the pass on my other cox email and that the change occurred from the main account. I tried to log into both accounts and both had the passwords changed. I told my husband to check his personal and business emails that were under that main cox account and both of those were changed. He had just been on his email less than an hour earlier, so we caught it quickly.
I went on livechat and they changed all the passwords for me and offered to sell me McAfee for cox, but I had been texting with my cyber security daughter and she already had me running windows defender. So, the odd thing is that the change was made from my primary account, which I don't use for anything other than paying the bill. It's not a password that someone could get out of guessing and I think it would take months to get from brute force. I have my passwords on my computer in KeePass. At this point, it seems like Cox email was the only thing that was compromised.
My daughter had me call cox and ask them how someone got into my main account. They wouldn't tell me that, just that the change showed up from earlier when the livechat agent changed it for me and there were two email verifications sent earlier, both to an email address that I never heard of - which my daughter looked up and it belongs to a chiropractor in a different state. My daughter said that email was probably compromised, too. I asked cox if they could see where the person was located who made the changes and she said she couldn't tell me that and suggested that I set up 2 factor auth, which I already did before I called them. I asked specifically if the password changes came from in house and she said that if I set up 2 factor my account would be safer now. Sounds sketchy to me. I just don't see how someone could get control of the main account like that. I don't even know when the last time was that I logged into that account. It's basically just a placeholder for everything else that we do there.