Carbonite Online Backup Service Resets User Passwords Due to Cyber Attack

Online backup services are a sure bet for safeguarding your computer's data with a proper backup, whether it is a Mac or Windows PC. Unfortunately, hackers are taking aim at many online services, one being the Carbonite online backup service, which decided to reset all user passwords due to a large scale ATO (account takeover) attack.

Just this week, the GoToMyPC service suffered a cyber attack that forced remote access service to have users reset their passwords. Virtually identical to the ATO attack that took place at GoToMyPC, Carbonite has succumbed to the same fate that resulted in the company taking precautions to prevent infiltration of user accounts by forcing everyone to reset their login passwords.

Brute-force attacks, or cyber attacks that attempt to log into multiple user accounts through previously compromising other related online account login credentials, are becoming a growing concern for many companies that have an enormous online user base. Moreover, many of the ATO attacks result in compromising massive amounts of data, mostly including the login details of countless user accounts that are later sold over the Internet on the Dark Web.

After the cyber attack had taken place and a brute-force infiltration was attempted on several Carbonite accounts, which is believed to be a result of a recent mega breach that included a collective of user logins from multiple online services, Carbonite made the wise decision to reset all user passwords. The underlying issue within the recent cyber attacks that compromise login credentials is that many users utilize the same passwords for multiple accounts. Due to such a fact, when hackers breach servers and collect login details and then sell off or share the data, hackers can use passwords across several services in an attempt to take over online accounts.

Many companies utilize different methods for their online logins in choosing to use two-factor authentication. Carbonite, for unknown reasons, has elected not to use a two-factor authentication for login. Though, using a two-factor authentication would be an added benefit to adding an extra layer of security and potentially prevent attackers armed with user logins from accessing accounts.

Services like GoToMyPC, Teamviewer, and Carbonite have a plethora of user information and potential access to other systems. With hackers potentially infiltrating user accounts on Carbonite, the possibilities of exposing or using personal user information or their personal files is highly likely. With that in mind, we are not surprised Carbonite has made the decision to reset all user passwords instead of selective accounts that they believe are part of the recent cyber attack.

The level of sophistication is increasing with each data breach that takes place at the hands of crafty hackers. For obvious reasons, it is in the best interest of services to implement new safeguards due to the increasing rates and sophistication of cyber attacks and data breaches.