Facebook puts my account on ice

[Muse]

An email was sent me around 6AM this morning saying this:

Your Facebook account was recently logged into from a computer, mobile device or other location you've never used before. For your protection, we've temporarily locked your account until you can review this activity and make sure no one is using your account without your permission.

I very rarely go to Facebook, almost never. When I went to Facebook just now after seeing the above mentioned email it said my account was deactivated and it indicated that access was attempted from approximately Washington DC. I'm in California and I'm mystified that someone or a bot tried to log into my account from the east coast. The password I have for Facebook is one I commonly use. Do I now have to change that password for all sites for which I use it? :'(

 

[Aikouka]

The password I have for Facebook is one I commonly use. Do I now have to change that password for all sites for which I use it? :'(

Even though a lot of websites use usernames instead of an e-mail address, which Facebook uses, you are probably better off changing it. It's certainly going to suck going through them, but it's better to be safe than sorry.

 

[dud]

An email was sent me around 6AM this morning saying this:

Your Facebook account was recently logged into from a computer, mobile device or other location you've never used before. For your protection, we've temporarily locked your account until you can review this activity and make sure no one is using your account without your permission.

I very rarely go to Facebook, almost never. When I went to Facebook just now after seeing the above mentioned email it said my account was deactivated and it indicated that access was attempted from approximately Washington DC. I'm in California and I'm mystified that someone or a bot tried to log into my account from the east coast. The password I have for Facebook is one I commonly use. Do I now have to change that password for all sites for which I use it? :'(

They are doing you a favor. Terminate your account ...

 

[MotF Bane]

You should change your password all over the place.

 

[eits]

 

[blinblue]

You should change your password all over the place.

Do this.
If you logged into your facebook with your usual password, that means that "they" now know your real password and your email address. It doesn't take much work to figure out what else you have associated with that email. And especially change your email's password if its the same as your facebook one.

 

[moshquerade]

that must be so cool...

your account is on ice

 

[mattpegher]

Yes if your password for facebook is one you commonly use, you will have to change it for any critical accounts that you have. Bots or people will be trying to access any possible account you have. Especially bank accounts, emails that contain information, any account that may have a credit card on file.
You have a lot of work ahead of you, get to it. sorry.

 

[Gibson486]

Happened to me months ago. I had to change my other accounts too....

 

[Schfifty Five]

Are you sure that email was real?

Did you actually going to Facebook and try to log in?

 

[flvinny521]

Did you log in using a mobile phone browser?

 

[Ichinisan]

Are you sure that email was real?

Did you actually going to Facebook and try to log in?

This. It could have been a phishing email that takes you to a look-a-like web site to reset your password.

 

[Ms. DICKINSON]

Front door access by the feds. FB gave them backdoor access and why didn't they use it?

 

[irishScott]

that must be so cool...

your account is on ice

http://www.youtube.com/watch?v=VNaDZIrxh-0

 

[Muse]

Are you sure that email was real?

Did you actually going to Facebook and try to log in?

Yeah, that's exactly what I did, which I guess proves that the email was for real.

Most of my accounts of major concern ( i.e. bank accounts and credit cards and such) don't use that password but even so I think I should go around and change everything to a new password, maybe even the banks, etc.

 

[Muse]

Did you log in using a mobile phone browser?

I never do that. I logged in from one of my home LAN networked machines.

 

[Muse]

This. It could have been a phishing email that takes you to a look-a-like web site to reset your password.

Yeah, that occurred to me later, but I'm pretty sure I checked by typing www.facebook.com into my Firefox and got the info about someone/something in Washington DC trying to log into my facebook account. I'm going to double check that right now.

OK, I did that again and tried to log in and got this:

Your account is temporarily locked.
Someone recently tried to log into your account from an unrecognized device or location. Please verify if it was you who tried to log in.

The URL displayed in my Firefox is:

https://www.facebook.com/checkpoint/

Then I click Continue and get this:

Suspicious Account Access

Your account was recently accessed from a location we're not familiar with. Please review the activity details below:
Near Cherry Hill, NJ, US (Today at 6:15am) from Firefox for Win7

OK, it wasn't Washington DC, but close to it, I didn't notice before it probably also said Cherry Hill, NJ (I saw Washington DC on the map that was shown me and deduced that it was from DC, obviously incorrectly). This looks damned for real.

Then they want me to hit one of two buttons, one saying I don't recognize the access, the other syaing it was OK. I chose the first, of course, and then Facebook wants me to choose a new password. I didn't bother. What makes me think it won't be hacked again? In any case, Facebook isn't very important to me. When I get emails saying someone has attempted to friend me I usually ignore it unless it's someone of real importance to me, which does happen. Basically I don't care to nurture my Facebook account. I have too many more important things to do...

 

[Newbian]

No no, it's like this:

 

[Muse]

Even though a lot of websites use usernames instead of an e-mail address, which Facebook uses, you are probably better off changing it. It's certainly going to suck going through them, but it's better to be safe than sorry.

Well, I spent half the last weekend doing similar things, namely changing my email address so I know pretty much what's entailed here. I'll probably have to confirm most of the changes by hitting links sent me in emails. I guess I'll spend a little time thinking over what new passwords I want to use. I have never knowingly had anyone or anything garner any of my passwords, but it's certainly something I've considered, as should anyone. I think there are maybe programs that will help you support a whole slew of passwords but I don't use one. Roboform?

 

[Muse]

No no, it's like this:

LOL, the resemblance is striking!

 

[God Mode]

I had problems with my yahoo account after buying something from China. They sent me an email stating that I need to change my password and secret question before gaining access again. Meh.

 

[Muse]

I'm wondering how someone got my password. It wouldn't be guessed. I figure it was someone who hacked or got ahold of user account data somewhere, maybe actually Facebook. I have figured all along that if I register at dozens and dozens of places online sooner or later someone will get ahold of my data including my name, username if any, email address and the password I used.

Why would someone want to log in as me at Facebook?

The particular password they got is not one I use when I'm particularly nervous about someone using my account information. Even so, I figure I should stop using it and maybe I should change my other passwords too.

 

[Muse]

I had problems with my yahoo account after buying something from China. They sent me an email stating that I need to change my password and secret question before gaining access again. Meh.

I am a database programmer. My last full time job I was the database administrator and programmer for a midsized company (~200 employees) that served most of the largest technical companies in the USA and many other companies large and small and some individuals. As such I had access to plenty of sensitive information of people working in those companies and any individuals who subscribed to our services, including names, addresses and credit card numbers, by the many thousands. That experience convinced me that this type of information is very difficult to make really secure. Well, it can be, but it often is not. I have integrity and would never consider compromising it but putting that kind of data into the wrong hands can be a real problem. That's why they made you change your password and secret question.

 

[flvinny521]

I think there are maybe programs that will help you support a whole slew of passwords but I don't use one. Roboform?

I use LastPass.

 

[SunnyD]

http://www.youtube.com/watch?v=VNaDZIrxh-0

I was thinking more of this.