Multisim and Ultiboard


Account Password Compromise


I have just received a notification from Apple Inc. that there has been a "data leak" of my Multisim credentials.

 

The message states that, "This password has appeared in a dat leak, which puts this account at high risk of compromise. You should change your password immediately."

 

Has anyone else been notified of this and if so, what information has been leaked?

 

If Apple Inc. is correct, shouldn't users have been notified of this "data leak"?

0 Kudos
Message 1 of 8
(1,061 Views)
Solution
Accepted by topic author Justin81

There has not been a data leak on multisim.com. We use best practices and cannot be the source of this password compromise.

You probably saw a message similar to this:

 

apple-image.jpg

That means the mapping between your multisim.com password and the hash was discovered and ended up on Apple's list of compromised passwords. But the source of where Apple received that password could have come from anywhere. If it's a fairly unique password that no one else would have thought of, most likely you are using that password in other places.

We suggest using a stronger password.

Vicentiu
National Instruments R&D
0 Kudos
Message 2 of 8
(1,029 Views)

@Justin81 wrote:

The message states that, "This password has appeared in a dat leak, which puts this account at high risk of compromise. You should change your password immediately."


That text sounds sufficiently garbled broken English* to suspect that this is a phishing email from somebody masquerading as Apple. Don't click on any links!!!! Carefully inspect the message header. (Note that the FROM: field can be absolutely anything and is not validated.) Did the message pass more stringent controls such as DKIM, SPF, DMARC, etc.?

 

*note: even if the text is proper English, the message can still be malicious, of course!

0 Kudos
Message 3 of 8
(1,004 Views)
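The header check suggested in the post above, as an added example that is not part of the original thread: it reads the SPF, DKIM and DMARC verdicts from `Authentication-Results` headers and only believes the one stamped by your own receiving server, since a sender can insert a forged copy. The messages and host names (`mx.mail.example`, `vendor.example`, `mx.unknown.example`) are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages; mx.mail.example stands in for the reader's
# own receiving mail server (an assumption of this example).
GENUINE = """\
Authentication-Results: mx.mail.example;
 spf=pass smtp.mailfrom=notify.vendor.example;
 dkim=pass header.d=vendor.example;
 dmarc=pass header.from=vendor.example
From: Vendor Security <noreply@vendor.example>
Subject: Password notice

body
"""

SPOOFED = """\
Authentication-Results: mx.mail.example;
 spf=softfail smtp.mailfrom=bulk.sender.example;
 dkim=none;
 dmarc=fail header.from=vendor.example
Authentication-Results: mx.unknown.example; spf=pass; dkim=pass; dmarc=pass
From: Vendor Security <noreply@vendor.example>
Subject: Password notice

body
"""

def auth_verdicts(raw, trusted_authserv):
    """Collect spf/dkim/dmarc results, ignoring headers from other servers."""
    msg = message_from_string(raw)
    verdicts = {"spf": "none", "dkim": "none", "dmarc": "none"}
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, results = header.partition(";")
        if authserv.strip().lower() != trusted_authserv:
            continue  # not stamped by our server, so the sender may have written it
        for method, result in re.findall(r"\b(spf|dkim|dmarc)\s*=\s*(\w+)", results, re.I):
            verdicts[method.lower()] = result.lower()
    # The visible From: domain is what DMARC is evaluated against.
    verdicts["from_domain"] = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    verdicts["dmarc_pass"] = verdicts["dmarc"] == "pass"
    return verdicts

if __name__ == "__main__":
    for name, raw in (("genuine", GENUINE), ("spoofed", SPOOFED)):
        print(name, auth_verdicts(raw, "mx.mail.example"))
```

Both samples show the same `From:` address; only the verdicts from the trusted server tell them apart.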

That’s exactly the same warning I got.

I was of the belief that when Apple notifies users about a saved password leak pertaining to a specific company's account that Apple was informing users that the password and the account itself was compromised, not just the password.

Thanks for explaining that the Apple notice is specifically with respect to a password and not also the account it relates to, Vicentiu.

0 Kudos
Message 4 of 8
(984 Views)

@altenbach wrote:

@Justin81 wrote:

The message states that, "This password has appeared in a dat leak, which puts this account at high risk of compromise. You should change your password immediately."


That was a typographical error on my behalf. That should have read "data leak", not "dat leak".

 

The notification was through Apple's Password iOS as per Vicentiu's post.


 

0 Kudos
Message 5 of 8
(979 Views)

Those password databases only contain a user name and password. They are not specific to any service.

The password check in Chrome, Apple iOS and similar simply checks the username/password combo of any account stored in the password manager if it matches any entry in these databases.

 

So if you use your email address as username and a password that has been breached with that email address on any service anywhere on the internet, that password will be flagged as insecure by the iOS, Chrome and other password managers. It doesn't mean that the password was leaked by that specific service.

Rolf Kalbermatter
My Blog
0 Kudos
Message 6 of 8
(885 Views)

@rolfk wrote:

Those password databases only contain a user name and password. They are not specific to any service.

The password check in Chrome, Apple iOS and similar simply checks the username/password combo of any account stored in the password manager if it matches any entry in these databases.

 

So if you use your email address as username and a password that has been breached with that email address on any service anywhere on the internet, that password will be flagged as insecure by the iOS, Chrome and other password managers. It doesn't mean that the password was leaked by that specific service.


In that case, we have a problem!

 

The email address and password combination used for Multisim is unique.

 

If the password is detected in isolation (without the user email associated with my account in Multisim) by Apple, and does not associate the email that correlates with it, then there is no issue.

 

If Apple's warning to an email address with correlating password, then I can only initially see one possible cause (not including a security breach at Apple).

 

Either way, I'll change my password and see if this happens again in the future.

0 Kudos
Message 7 of 8
(875 Views)

I just updated my iOS to the latest version (I skipped an update) and suddenly see several breached password warnings. So Apple seems to have changed something.

 

It’s all about throwaway online accounts where I sometimes reused a specific password (not easily guessable but yes I reused it). So iOS recently changed what they consider a breached password, apparently taking it literally and flagging any password that appears in those databases independent of the account name (for throwaway accounts I often use a username that contains the site name so I could see who sold their email addresses).

Rolf Kalbermatter
My Blog
0 Kudos
Message 8 of 8
(844 Views)
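A model of the two matching policies discussed in this thread (username/password combination versus password alone), added here as an illustration and not taken from Apple, Chrome or NI. The breach dump, the vault and every name in it are constructed, and SHA-256 is this example's choice of hash.

```python
import hashlib

def digest(text):
    """SHA-256 hex digest so the index never holds plaintext."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

# Constructed breach dump: (username, password) pairs from unrelated sites.
BREACH_DUMP = [
    ("alice@example.com", "Tr0ub4dor&3"),
    ("shopsite-bob@example.net", "odd-but-reused-Pw!9"),
]

# Policy A index: the username/password combination.
PAIR_INDEX = {digest(u.lower() + "\x00" + p) for u, p in BREACH_DUMP}
# Policy B index: the password alone, whatever account it was dumped with.
PASSWORD_INDEX = {digest(p) for _, p in BREACH_DUMP}

def classify(username, password):
    """Return 'pair', 'password-only' or 'clean' for one saved login."""
    if digest(username.lower() + "\x00" + password) in PAIR_INDEX:
        return "pair"
    if digest(password) in PASSWORD_INDEX:
        return "password-only"
    return "clean"

# Constructed vault: (site, username, password) as a password manager stores them.
VAULT = [
    ("forum.example", "alice@example.com", "Tr0ub4dor&3"),
    ("circuits.example", "circuits-bob@example.net", "odd-but-reused-Pw!9"),
    ("bank.example", "bob@example.net", "kV7#pLw2!qZr9"),
]

def audit(vault):
    """Map each saved site to the strongest match found for its login."""
    return {site: classify(user, pw) for site, user, pw in vault}

if __name__ == "__main__":
    for site, verdict in audit(VAULT).items():
        print(f"{site:18} {verdict}")
```

The `circuits.example` login uses a username that appears nowhere in the dump, yet a password-only policy still flags it because the same password was dumped with a different account.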