The breaches continue to spread. This time, it's the craft-selling site Etsy.
The Etsy blog has announced that due to the eBay hack, bad guys have gotten hold of usernames and passwords of some Etsy sellers. Using that stolen information, they have sent out spam from the compromised accounts.
Etsy denies that it has been compromised, though.
It’s important to note that Etsy has no indication that we have suffered any compromise, and that your financial information and credit card data remain secure. Despite this we wanted to take a minute to remind you what you can do to help keep your Etsy account as secure as possible.
The flaw may be in the fact that many people reuse names and passwords in multiple places. For example, if you have an eBay username and password, and then use that same combo at Etsy, it only takes one being compromised to make them both compromised.
If your Etsy account has been hacked, the site has some advice.
- Change your password to a new, secure password. You should do this any time another site you use is found to have been compromised, especially if you’re using the same username or password elsewhere.
- Enable two-factor authentication, which adds an extra measure of security in addition to your password.
- Enable sign-in notifications if you are concerned about unwanted activity on your account. If Etsy detects anyone signing in to your account from a new browser or device, you will get an email notification. And if you are signing in via a new browser or device, you’ll be given the option to add it as a trusted device.
If you got caught in the eBay hack, you not only need to change your password there, you need to go through your other online accounts and change any shared passwords. And then, don't reuse the same passwords again!
I know that's a lot of passwords to remember, but don't worry. Use this site to safely and easily store all your passwords.