https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/ Prusa3D Forum Discussion Board en-US Fri, 10 Apr 2026 19:47:41 +0000 wpForo 60 https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-136150 Mon, 01 Apr 2019 19:28:32 +0000 ... but the hashes are useless in encrypted form... No, they are not. But I don't want to give you sleepless nights ;)]]> General discussion, announcements and releases Nikolai https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-136150 https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-136128 Mon, 01 Apr 2019 17:25:55 +0000 Sorry ya'll. I've been quite busy. To answer a question, yes, I do have a password manager and I did use a password that has been used on other sites. However, this is easily changed, and the majority of passwords for my LastPass have been generated for each site. Thanks for the information. The data breach notice made me think that prusa's website itself had been breached. I have since seen this notice on a few other sites as well.

LastPass uses 256bit blowfish encryption and one way hashes. Unencrypted data is not stored on company servers. LastPass actually has been breached, but the hashes are useless in encrypted form. So I'm not too worried, yet, about it being breached.]]> General discussion, announcements and releases scottypres https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-136128 https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-135179 Mon, 25 Mar 2019 23:09:50 +0000 ... until the password manager is the site breached... :lol: It doesn't work that way with a decent password manager. Even if that does happen, all the attacker gets is an encrypted blob - each user has their own decryption key that the manager doesn't have. The risk is much higher if you try to manage passwords on your own, which encourages simple, predictable and reused passwords. If only it was that simple...

https://www.theregister.co.uk/2017/02/28/flaws_in_password_management_apps/

Have a look down the list at some of the offenses.

Note I'm not disagreeing with you... just pointing out there are still vulnerabilities to be cognizant of. FWIW I have a hardware password manager that is completely offline in its storage, reducing the "cloud" attack vector]]> General discussion, announcements and releases vintagepc https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-135179 https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-135177 Mon, 25 Mar 2019 22:49:31 +0000 ... until the password manager is the site breached... :lol: It doesn't work that way with a decent password manager. Even if that does happen, all the attacker gets is an encrypted blob - each user has their own decryption key that the manager doesn't have. The risk is much higher if you try to manage passwords on your own, which encourages simple, predictable and reused passwords.]]> General discussion, announcements and releases holmes4 https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-135177 https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-135175 Mon, 25 Mar 2019 22:46:00 +0000 Just about everyone's email address will have been breached. That's not what Password Checker is looking for. It is comparing a hash of the password against a list of known breached passwords. What you can check at https://haveibeenpwned.com/Passwords is if your password has been revealed in a breach.

The best advice is to use a password manager (LastPass, 1Password, etc.) and use an automatically generated, strong and unique password for every login. That way "password stuffing" won't hurt you much should one site be breached (and have passwords revealed). ... until the password manager is the site breached... :lol:]]> General discussion, announcements and releases vintagepc https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-135175 https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-135174 Mon, 25 Mar 2019 22:43:32 +0000 https://haveibeenpwned.com/Passwords is if your password has been revealed in a breach.

The best advice is to use a password manager (LastPass, 1Password, etc.) and use an automatically generated, strong and unique password for every login. That way "password stuffing" won't hurt you much should one site be breached (and have passwords revealed).]]> General discussion, announcements and releases holmes4 https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-135174 https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-135135 Mon, 25 Mar 2019 16:48:46 +0000 To confirm, I'd check your E-mail account with haveibeenpwned.com. That site will tell you where any breaches have come from.]]> General discussion, announcements and releases D https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-135135 https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-135115 Mon, 25 Mar 2019 13:47:16 +0000

You never reported back here, but I'm interested: Did you use the same email and password on other websites? OP is too busy e-mailing every website that he saved his password on telling them that there's a data breach :lol:]]> General discussion, announcements and releases imod.systems https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-135115 https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-135105 Mon, 25 Mar 2019 11:07:12 +0000 I got this notification in chrome that shop.prusa3d.com had a data breach and I should change my password. You never reported back here, but I'm interested: Did you use the same email and password on other websites?]]> General discussion, announcements and releases Spacemarine https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-135105 https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-134208 Mon, 18 Mar 2019 23:36:17 +0000 Data Breach plugin you installed, the description says:
Wherever you sign-in, if you enter a username and password that is no longer safe due to appearing in a data breach known to Google, you’ll receive an alert. Please reset your password. If you use the same username and password for any other accounts, please reset your password there as well. This means you are using an account and password combination that you used elsewhere on a site that was compromised. If you are using the same login name and password on multiple sites, you should stop doing so and change all the passwords you use on affected sites.]]> General discussion, announcements and releases bobstro https://forum.prusa3d.com/forum/original-prusa-i3-mk3s-mk3-general-discussion-announcements-and-releases/shop.prusa3d.com-data-breach/#post-134208