One of my clients has seen uptick in failed llogin attempts. They're coming from IP addresses all over the world but seemed to start in Budapest Romania. It appears someone may have obtained a list of LogMeIn userIDs (or email addresses) but doesn't have the passwords. Is anyone else seeing this? Any theories?
We've taken the following defensive measures in LogMeIn:
Settings > Account Settings, > Password > Change
Settings > Account Settings > Security section:
o Audit Log > View: Check for suspicious activity
o Email Notifications > Change: Confirm email address Enable (check) all checkboxes.
o Two Step Verification: Switch On
o Trusted Devices > View Devices to check for unknown devices
Settings > Security > Enable all the Audit Settings checkboxes.
We understand your concerns and would like to confirm that no breach took place on our end. Log in testing based on password reuse is usually connected with third party data leaks and security incidents.
You can also set up Two-Step Verification by logging into your account and following this path: Settings> Account settings> Security> Switch on two-step verification and follow the steps to pair an app or receive a text message.
M_LMI is a member of the LogMeIn Community Care Team.
Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a star with the Kudos button.
We have had 2 failed attempts on 2 different users in the last week (one from the Philippines and one from Korea). Would you explain your statement of "password reuse is usually connected with third party data leaks and security incidents" in more detail?
We have not had any security breaches on our system (fortunately) and I'm not clear what third party would have access to our Logmein user accounts.
What they mean is that they have screwed up somehow but are unwilling to officially own up to it. That’s why they need to keep doubling their subscription fee, so they can afford how much we will all be suing them for ;)
I canceled my account because of the massive price increase from for logmein central. Almost immediately after my account went inactive I started getting emails notifications every few weeks with attempted logins from foreign countries I have never done business with. I am Based in the US and I keep getting attempted logins (invited and regular user login fails) from Xi'an China , Hanoi Vietnam , Anápolis Brazil , and from a few African counties somewhere. Some of the admin users that had logmein still loaded on their pc's also would get failed attempted login popups. I uninstalled all instances of logmein on all customer and working computers.
I never had any failed login attempts from foreign areas until I cancelled my account. So did somebody at logmein do this? I find it very very hard to believe that its just a coincidence and that something third party related happened.