Welcome to the LogMeIn Pro Community!
Reply
Highlighted
New Contributor
Posts: 2
Registered: ‎12-13-2016
Accepted Solution

Unauthorized login attempts

One of my clients has seen uptick in failed llogin attempts. They're coming from IP addresses all over the world but seemed to start in Budapest Romania. It appears someone may have obtained a list of LogMeIn userIDs (or email addresses) but doesn't have the passwords. Is anyone else seeing this? Any theories?

 

We've taken the following defensive measures in LogMeIn:

Settings > Account Settings, > Password > Change

Settings > Account Settings > Security section:

o   Audit Log > View: Check for suspicious activity

o   Email Notifications > Change: Confirm email address  Enable (check) all checkboxes.

o   Two Step Verification: Switch On

o   Trusted Devices > View Devices to check for unknown devices

Settings > Security > Enable all the Audit Settings checkboxes.

 

Any additional suggestions welcome.

 

 

New Contributor
Posts: 2
Registered: ‎06-23-2007

Re: Unauthorized login attempts

Just had one from China.

I have been a LogMeIn user for nearly as long as it exists and this is the first time a 3rd party ever made an attempt or guessed my email address.

I agree it is suspicious that somone might be attempting random email addresses in search of LogMeIn users and their membership list may have been compromised.

Of note is that I just recently updated my paid PRO subscription. Perhaps something in the billing system was compromised.

Thanks for your tips - I implemented them immediatly.

Posts: 129
Topics: 0
Kudos: 49
Solutions: 6
Registered: ‎11-14-2014

Re: Unauthorized login attempts

Hello @TaprootSecurity and @Anon38262,

 

Thank you for your posts.

 

We understand your concerns and would like to confirm that no breach took place on our end. Log in testing based on password reuse is usually connected with third party data leaks and security incidents. 

 

You can also set up Two-Step Verification by logging into your account and following this path: Settings> Account settings> Security> Switch on two-step verification and follow the steps to pair an app or receive a text message.

 

Thank you








M_LMI is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.

Was a post helpful or informative? Give it a star with the Kudos button.

Need more help? Search the knowledge base or contact Customer Care.




New Contributor
Posts: 2
Registered: ‎03-18-2008

Re: Unauthorized login attempts

I just got one from China. I do not believe email addreesses can be easily and randomly generated. So somehow they got my email address.

New Contributor
Posts: 2
Registered: ‎04-10-2017

Re: Unauthorized login attempts

Our logmein account was accessed last night. They had the email and the password. Absolutely no emails of failed attempts. Access was from China as well. We are planning on stopping our subscription.
New Contributor
Posts: 1
Registered: ‎03-12-2015

Re: Unauthorized login attempts

We have had 2 failed attempts on 2 different users in the last week (one from the Philippines and one from Korea).  Would you explain your statement of "password reuse is usually connected with third party data leaks and security incidents" in more detail?

 

We have not had any security breaches on our system (fortunately) and I'm not clear what third party would have access to our Logmein user accounts.