Failed Login Attempt from China

I have been a longtime LogMeIn user. I recently updated my Logmein Pro subscription.

Much to my surprise I just received a "failed login attempt" from Nanchang China.

This is the first time I've ever seen any 3rd party login attempts on my account in 20 years or whatever it's been.

I've very curious how someone in China would have even gotten my email address to attempt a login. I doubt anyone would be attempting random email addresses.

First thing that comes to mind is that either my system has been compromised or that the LogMeIn user data has been compromised?

Anyone else seeing failed login attempts from China?

Find more posts tagged with

Accepted answers

JaneMargulies

I heard back from the company and you can set up dual authentication.

We also recommend that you add two-factor authentication as an additional layer of security. This would turn on a texted or app-generated one-time code each time you log in that is sent to a second source, adding a second layer of verification.

You can can do this through setting.

All comments

Valverde

Check if you have an account that has been compromised in a data breach and from which website on https://haveibeenpwned.com

Sonia_TTP

I spoke with LogMeIn about this in 2016 as we had a handful of clients who were getting these notifications from various countries, China included. At that time, LogMeIn said the problem was the hack that happened at Yahoo! in 2016. Once hackers get a username and password they use programs that attempt to use that same email and password on other popular accounts. A LOT of users have the same password in multiple accounts so it is worth the hackers' while to attempt the usernames and passwords that they have against accounts like LogMeIn that if they worked, would give them even more access. So this is not about your specific LogMeIn account. It's just that your email showed up in some hacked database (Yahoo! or other). So long as your LogMeIn password is decently secure and you do not use that password on multiple different sites, then you're fine.

TaprootSecurity

I just got another failed login attempt from China. IP address 218.29.123.218. Anyone else?

MikeRuth

I'm going to go out on a limb here but....For those of you saying there is no way anyone could possibly know that your email address is linked to LMI, they don't need to know.

If your email address is in the wild, as many are then whats stopping the bad guys from running a bot to make attempts at LMI with a list of email adresses? not a dog gone thing!

I have a client that is flipped out right now and switching to Gotomypc...good for her, but that dosen't mean her email address won't be used to try and loginto gotomypc as well, or for that matter many possible sites.

Frankly I'm not bothered by this unless I see repetitive attempts. One here and there no biggie.

I'd think if all the services on line that we use were to alert you say via Eamil every time a failed login attempt is made, you would be quite surprised. Can you imagine all the attempts at Facebook, Twitter, Snapchat and many others?

MikeBeanland

My failed attempt was from Mesquite, Texas, the ONLY way that anyone can know which of my email address is the one used by my LogMeIn account - is if they have had a loss of data, someone has sold the data, or someone had hacked into their system.

NOT GOOD. There is no other way that anyone can possibly have known my email address was linked to LogMeIn.

frederickford

TRY DISCONECTING YOUR COMPUTER FROM THE SITE FOR A WHILE.

I TOO HAVE HAD FAILED LOGIN ATTEMPTS,BUT I HAVE NO COMPUTER ASSIGNED TO IT SO IF SOMEONE DOES HACK MY ACCOUNT THEY GET NOTHING.

Reming

I have turned on double authentication and logs. Logmein now e-mails me for every attempted login and authorized login. Until this calms down I will audit every login. I figure if they hack the account they will need time to guess the password to each individual computer. This will give me time to change the password again.

Thanks for your response.

Brian

The NyQuil Kid

I and clients of mine are getting them from China and East Asia in general. It's very clear to me that something was hacked, whether LogMeIn specifically or some database elsewhere that shares email addresses.

Reming

I have the same issue has login attempts over past 2 weeks. I have turned on notification for all logins and failed attempts in case they get through. Why can't we block logins from other countries? or IPs that are anonymous? My logins are originating from China.

JaneMargulies

I heard back from the company and you can set up dual authentication.

You can can do this through setting.

gwk1

I have had several different attempts to log into my account from 6 different countries now over the past 2 weeks. These attempts, always 2-3 failed attempts, are become a daily thing now. I am starting to get very concerned about the security of this account and my company computers.

JaneMargulies

I had 3 attempts this weekend from China - what do we do?

matatoro

It happened to me also, two separate failed login attempts from two computers at separate locations in China. Curiously, I cancelled my LogMeIn account six weeks ago. So I can't log in either, and if I try, I generate the same notification of login failure. I was worried that maybe they had my password, since even if they did their attempt to log in would fail. But obviously they didn't have the password for the rest of you who've received login failure notices, or they wouldn't have failed. So I guess we can all conclude that while they've found our email addresses, they don't have our passwords.

I think there's something I'm missing here. Any ideas?

rjbcal

FYI: I just had the same notification sent to me as well today.

It's just a failed attempt, but am wondering if there is anything I should do about it?

Thanks.

Anon118525

Yes I just had an attempt from China and I agree emails can not be randomly generated that easily.