• The TUGBBS forums are completely free and open to the public and exist as the absolute best place for owners to get help and advice about their timeshares for more than 30 years!

    Join Tens of Thousands of other Owners just like you here to get any and all Timeshare questions answered 24 hours a day!
  • TUG started 31 years ago in October 1993 as a group of regular Timeshare owners just like you!

    Read about our 31st anniversary: Happy 31st Birthday TUG!
  • TUG has a YouTube Channel to produce weekly short informative videos on popular Timeshare topics!

    Free memberships for every 50 subscribers!

    Visit TUG on Youtube!
  • TUG has now saved timeshare owners more than $24,000,000 dollars just by finding us in time to rescind a new Timeshare purchase! A truly incredible milestone!

    Read more here: TUG saves owners more than $24 Million dollars
  • Sign up to get the TUG Newsletter for free!

    Tens of thousands of subscribing owners! A weekly recap of the best Timeshare resort reviews and the most popular topics discussed by owners!
  • Our official "end my sales presentation early" T-shirts are available again! Also come with the option for a free membership extension with purchase to offset the cost!

    All T-shirt options here!
  • A few of the most common links here on the forums for newbies and guests!

Did anyone else get a data breach using Tug this morning

C

csalter2

TUG Member
Joined
Sep 3, 2008
Messages
1,969
Reaction score
554
Location
Orange County, California
Resorts Owned
Marriott Ko Olina
Marriott Aruba Surf Club
Marriott Ocean Pointe
Diamond Resorts Gold
I received a Google notice this morning that I had a breach of my TUG account. My password did not work and I noticed that the threads all started from the beginning instead of where I left off. My google account said it was specifically my two TUG passwords. I was able to change them and get back. Have other folks experienced this?
 
Nope. All appears normal for me.
 
No problems here however, you may want to ask this in lounge forum. More members may look there that are not part of Marriott Vacation Club. ;)
 
No problems here.

FYI, I work in information security. Most of the account takeovers we see are users who share the same password across multiple sites or who use easy to guess passwords. Could not say this is the case for you, but with the many public breaches that have occurred over the last few years, this ends up being fuel for hackers that target accounts for takeover. (Then again, I'd ask why they would target your TUG account... there is very little to gain by taking over the account.)

Everyone should use a unique password for each site -- I suggest a password vault solution like Lastpass.

Good luck.

-ryan
 
sjsharkie said:
No problems here.

FYI, I work in information security. Most of the account takeovers we see are users who share the same password across multiple sites or who use easy to guess passwords. Could not say this is the case for you, but with the many public breaches that have occurred over the last few years, this ends up being fuel for hackers that target accounts for takeover. (Then again, I'd ask why they would target your TUG account... there is very little to gain by taking over the account.)

Everyone should use a unique password for each site -- I suggest a password vault solution like Lastpass.

Good luck.

-ryan
Click to expand...

As you point out, there is likely little 'value' in taking over a TUGger's account, but if the common password issue applies the TUG account may not have been the real target and is only collateral damage to the breach sweep. If the OP has any other accounts (especially those with biographic or financial information) that have the same password as their TUG account, I would be focused on checking those.
 
How would Google know about a breach of your TUG account? The two aren't connected. Did you get an email in your GMail account saying there was some attempted login to your TUG account? I am not sure that TUG notifies of attempted logins from another computer or location. Perhaps something that @TUGBrian should look at.
 
Nothin' here, but agree to using unique passwords across websites. Especially economically sensitive ones. some sites are (imo) who cares sites. Like the ones where we get TV listings, or recipes or bus schedules, but sites that store credit card, or specific address or banking- you HAVE to keep those unique.

Jim
 
This morning I received a data breach warning from chrome telling me that all of my passwords have been compromised. A new page popped up directing me to a chrome password area. This happened as I was looking at Tug reviews of Hawaii resorts.

My action was to just close the new page and run spyware stuff.

I was wondering if anyone had this problem and if it was legit.

Bill
 
No. I didn’t get anything.

I would have done what you did, restarting my computer 1st. Most often these are scams.
 
No problem, I think I signed on before 6AM this morning. I did not received a message.
 
Nope. I don't use a google or gmail account to access.
 
@easyrider posted a similar thread in the Lounge.

Dave
 
@csalter2 posted a similar thread in the Marriott forum.

Dave
 
sounds like a spammer/scammer to me...gmail would have no information regarding your TUG account.
 
if someone could forward me the email they got or a screenshot, it would answer alot of questions!

thanks!
 
TUGBrian said:
sounds like a spammer/scammer to me...gmail would have no information regarding your TUG account.
Click to expand...
THough there are times that a server or someone's computer is compromised and they get a popup about some issue and to call "technical support". Common scam for many years, people would call, they would remote in to your computer and purport to fix something and charge you lots of money.
 
yep, most certainly lots of spyware/malware links out there that would pop up such a message on your PC!

hard to answer that without more info though, hopefully ill get a screenshot or a copy of the email soon.
 
easyrider said:
This morning I received a data breach warning from chrome telling me that all of my passwords have been compromised. A new page popped up directing me to a chrome password area. This happened as I was looking at Tug reviews of Hawaii resorts.

My action was to just close the new page and run spyware stuff.

I was wondering if anyone had this problem and if it was legit.

Bill
Click to expand...

That’s exactly what happened to me this morning. When I tried to login to Tug my password was not accepted.
 
if you still see this or see it again, could you please take a screenshot or forward me the email?

im still not quite sure if this was a message in a browser, some sort of popup..or an email?

was it on the ratings/reviews? or the forums here? those are two completely different servers.
 
TUGBrian said:
if you still see this or see it again, could you please take a screenshot or forward me the email?

im still not quite sure if this was a message in a browser, some sort of popup..or an email?

was it on the ratings/reviews? or the forums here? those are two completely different servers.
Click to expand...

I had both the ratings/reviews and forums to change. I received the message from my google chrome account. I am aware of fake messages, so I went into my google account from my own browser not theirs. However, first I tried to get into my TUG account and couldn’t.
 
I wonder if it was a bad Google ad?
 
clicked on any links to google docs in emails recently?
 
When something like this happens to me, I run some scans of my HD (like with Malwarebytes), delete cookies with all browsers, block pop-ups & flash (again), defrag (just 'cuz I should), and reboot. Usually, that clears things up.
.
 
You must log in or register to reply here.
Top