V
V
vitalya_pn2015-04-14 10:27:57
Passwords
vitalya_pn, 2015-04-14 10:27:57

How did I get other people's data in autocomplete?

Hello. I have a year-long story that I myself cannot unravel. Decided to contact you.
The crux of the matter is that someone else's user data appeared on my machine in the saved login\password forms. Those. when I go to certain sites, I see already filled fields with another person.
How it all began:
About a year ago, I saw that when I go to gmail and the VK site without entering a login and password, I see other people's data. I did not know this mail. Going into someone else's account, I looked at the pictures, mail. I did not know such a person and never saw him. I thought that somehow google synced the wrong data and this problem happened. I wrote to this man, asked if he knows how it could have happened. He dryly replied that he knew nothing and quickly changed passwords on all services. I calmed down and forgot about him. It was in the Chrome browser.
A year has passed and by chance already on a new machine with a different OS (Mac) and in a different browser (Safari) I again see the data of the same person in the login field on gmail and VK. And again, the passwords fit and I can go into his accounts.
How is this even possible?
What came to my mind:
- somewhere there are problems in syncing icloud. But at the time of the first problem a year ago, I didn’t even have a Mac
- somewhere there was a problem in syncing google. But why exactly the same person?
Now I'm completely stumped and can't figure out what's going on. Maybe someone else has passwords from my accounts.
Web experts, tell me where to dig and what is it all about?

Answer the question

In order to leave comments, you need to log in

7 answer(s)
A
Arsenii Gorkin, 2016-01-22
@Arsenii_Gorkin

The other day, a colleague of ours had a similar situation. But! The situation turned out to be much worse than described. The fact is that the account that appeared 3 days ago in his Firefox belongs to our client. That's the thing.
The computer (laptop) on which this account originated is personal and NO ONE EVER except me and the owner had access to it. However, after analyzing the situation, we found that mail (work) is duplicated on his computer. We developed several versions (there were variants with sabotage, with a set-up, so that later we could be convicted of stealing data, since the account opened the door to mail and everything that our client does, but we refrained from reading other people's letters (we do not do such things) "But that's not the point. Now the legal department is investigating the incident. While the IT department was figuring out: how could this happen?
In a few hours of work, we were able to offer a technical version of what was happening:
The Trojan was written in a low-level language (say, C) and sent as an attachment to our employee via mail. At the moment the virus is launched, it [the virus] creates copies of cookies from the OS that are related to the Google account and a) either sends this data to a remote hosting (possibly also hacked, i.e., as is now very common when spammers and hackers break sites and hang mailing scripts there, which send spam on behalf of those sites). Further, on hosting, a similar script creates a letter with content like: " Hello, my name is Marina, I'm 19 years old..." etc. (this is an example), but in the letter itself (and it is in HTML format) there is a small JS in a few lines. Its main task is to write cookies. When you open the letter, JS starts instantly (no one sees anything, in particular, the cool Casper, who is not able to perceive writing in cookies as a threat.) This script writes stolen sessions to cookies.
Another question that we fought over: why exactly did we receive a letter? We realized that the first trojan (the one on written in low-level language) probably sends cookies to the address book. By the way. The person (client) whose account got to our employee mainly uses the phone to work with mail (gmail). Probably, malware was downloaded on the phone (like a free game , or some unnecessary utility)
after a fight, they don’t wave their fists, of course, but! We want to give some tips to avoid such stories in the future. After all, who knows, maybe someone is sitting in your mail now, and you don’t even know about it.

  1. After finishing work, log out. It's better to just store passwords in the browser (with a master password, isessna, which will encrypt passwords) than to store open sessions in cookies)
  2. Use good antiviruses (including all mobile devices). Now Kaspersky offers multi-device solutions. They are cheap but work great.
  3. Do not download unfamiliar programs/games from the Internet. Especially the free
  4. Do not use "cracked" software
  5. Set up the firewall correctly. Do not give access to the network to all programs and processes in a row
  6. Check email WITHOUT opening emails. Headers only (as, say, in gmail, mail.ru, etc.). When opening letters (when viewing), viruses and scripts can be activated. If you work through programs such as Outlook or Mail (Mac Os), you need to configure the program so that it does not open the letter when you click on its header. And disable all JS and other scripts.

R
Ronii, 2015-04-14
@Ronii

Perhaps he sat down at the computer and entered them. Just in case, you can consult a psychiatrist

A
Andrew, 2015-04-14
@OLS

And what does the "Saved passwords" tab in the browser say? Are there many that are not yours?

R
Roman Frank, 2015-04-14
@Akellacom

Perhaps you just have a split personality, and this is your second personality that you do not even suspect.
https://ru.wikipedia.org/wiki/%D0%94%D0%B8%D1%81%D...

N
Niyatsu, 2015-10-22
@Niyatsu

Just yesterday I ran into exactly the same problem. On a machine on which Windows was reinstalled yesterday, fresh chrome was installed, data of a complete stranger suddenly appeared. And not only saved logins / passwords, but also history. I see that there are mostly comedians, but in the meantime the situation is very strange. Did you find a solution?

T
Tata Lo, 2021-08-26
@TataI0804

Which does not explain how, months and years later, the data reappears.
What can I advise: check Google contacts https://contacts.google.com
Check contacts in mobile phones, in Contacts applications, this is not the same with Google contacts
Check Google Drive and Docks, Google Keep by person's name → on the main Google - product panel / dotted box
They have a search bar → enter a name

A
Archi86, 2021-08-28
@Archi86

I ran into something similar yesterday, bought a phone, entered my acc there, went to the passwords tab, and there is someone's login and password from VK music.
The phone was opened, the seller said that this is normal for a Japanese device. The phone was last charged 55 days ago.
I contacted the owner of the account via WhatsApp, he says that he has never used such a phone.
Perhaps her acc vk was attached to my google acc on some of my former devices, from the last thing it was - an android radio tape recorder in the previous car, I don’t remember that before the sale I made an exit on it from the acc, this would explain why in the new phone in as a working address in Google maps some kind of shopping mall in Chelyabinsk, and in the saved passwords someone else's account from VK shines, otherwise this nonsense cannot be explained ...

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question