Jump to content

TWeaKoR

Members
  • Posts

    0
  • Joined

  • Last visited

Everything posted by TWeaKoR

  1. So I just received a phishing email to my Nexus account email address. The interesting thing is that I use a unique email address for this account, one which doesn't technically exist - I have a rule on my email domain that any email sent to addresses that don't exist will filter through to my main account. As such, my Nexus account email only exists on Nexus' servers and in the emails they've sent me. Even more worrying, the email included my account password in both the Subject header and the body of the text. Here is the full text of the email: When I attempted to login just now my password had been changed. I was still able to use the forgotten password link, then afterwards I had to re-verify my email as the account had become inactive. Obviously I'm not worried about the phishing email itself, the email and password are unique. What is concerning is that it seems the Nexus servers have been compromised, leaking account information, and even more worrying is that this appears to have included passwords which at best have been decrypted - at worst they may not have been encrypted to begin wtih. Does anyone from Nexus have any comments on this?
×
×
  • Create New...