3 years ago
#235 Quote
Because Google’s “password checkup” reports that "A data breach on a site or app exposed your password" and your username/password combination has been found in a database of hacked passwords while logging into “site A” does NOT mean that it was “site A” that was hacked.  Note their message says "on a site or app" and does NOT say "on this site"

In my case I use a variety of username/password combos and depending on the sensitivity of the site depends on which one I use.  I recently receive the same warning as you and discovered that my least secure password was hacked and that I used it on 72 different sites.  Which of those 72 was hacked?  Who knows!   From within Chrome you can run a full scan of all your saved username/password combos and you will likely discover what I did.  I had 72 hacked logins (which caused some initial panic!)  and after checking verified they were all the same username/password (so really ONE hacked login) and were my weakest login credentials that I use on non-financial sites.

Bottom line is that our site,  to the best of our knowledge, has not been hacked .  

Finally note we do not store any credit card information in our database and users can not use your login to see your credit card information or your password or passwords of other users on your account.

This is what Google has to say on the subject: