some dude just email me my own password

FUCK

loool 😂

It could be much worse my dude. Possibly someone out there giving you a second chance!

Try out some sql injectiobs on their website. It will most likely work.

.

This isnt new. I have seen this recently at a job interview. Check your routers and use a secure device to change your passwords. Also check have you been pwned website. If so you know what to do. Also probably a good idea to back up your files and refresh your os.

Also you probably shouldnt post a confirmation that he guessed right on a public form. As he may be following your rant

Two-factor authentication everything.

@skprog what if OP is actually the guy who found the password?

Screenshots please.*

* Don't blur anything

@sak96 LOL!

You know you're screwed when this happens..

@N0-Flux-Given not if you practice good password hygiene (never use the same one twice, regularly change them and remember to wash your hands) and 2FA.
Also, it might have shown up on pastebin at some point. That's a major scam scheme right now, they paste a password from a pastie into an email trying to extort money from the mark.

about 10 years ago a 16 yo got into one of the systems of the National Security Authority of Slovak Republic (Narodny Bezpecnostny Urad Slovenskej Republiky) because they didn't change the test password nbusr123

123456

Propably old password, check " have i been pwned"

I had this recently. Subject line contained a password that would've been one of mine but I use a variation of it depending on which site I visit. Can't work out what site or service it was for though. I based it on some part of the domain but don't recognise it.

Rest of the email was one of those "I've seen you watching porn on your computer, send bitcoin plz" scams.

@nightowl That's the scheme I was referring to as well... Well, one of them. The ISC wrote about it a while ago.

I've been gathering and checking the BTC addresses they used (They didn't randomize them, many e-mails contained the same) and it was quite successful (5-figure sum that made me wonder why I drag my ass to work every day). Haven't seen mainstream press coverage in my area, but that's nothing new here.

@PonySlaystation who's website?@nightowl that was it!!! except i don't have passwords to porn, they sent me my minecraft password

I don't have passwords to porn either. It's just designed to shock people into paying up.

If somehow your password has been leaked (e.g. compromised website) it might end up in a list of accounts and passwords distributed between hackers. Eventually someone gets one of these lists and bashes out a load of spam like this.

If you definitely didn't use that password elsewhere just change it. Did you log in to Minecraft on someone else's computer? Could be a keylogger or similar.

This happened to me too. They just use publicly available leaked passwords to scare you. Mine was changed years ago, so I just laughed at the attempt.