AceRimmer
(Smoke me a kipper, I'll be back for breakfast!)
1
Well that was downright odd, annoying and perplexing indeed.
Oh right, sorry what am I talking about.
I just had my Qobuz account hacked and the bar stool who did it deleted every album I had saved!
I was actually on Roon on my album’s page when suddenly the album count started going down at a furious pace until all I had left was my ripped library.
Thought oh well just another Qobuz glitch so logged out and found I could not log back in, hacked!
Had to jump through a few hoops with Qobuz to regain control of my account and obviously set a radically different password.
Restored from a Roon backup which was 12 days old so got most of Qobuz albums back.
But why would anyone hack a Qobuz account and just delete all albums?
Bored? Spite? A$#hat?
Beats me!
AceRimmer
(Smoke me a kipper, I'll be back for breakfast!)
3
Or even worse…MQA.
Whoops now I gone and done it!
4 Likes
AceRimmer
(Smoke me a kipper, I'll be back for breakfast!)
4
It looks like my issue was of a different nature as when I finally got to log into my Qobuz account through a web browser all of my saved albums were indeed gone.
Zip, zilch, nada, squat.
We see tens of thousands of attempts daily where random ips around the internet just try combinations of emails and passwords.
We logged a bunch of the failures and found they were all from email/password lists from other hacks/leaks.
They change your credentials and hope you don’t use the service enough to notice.
Hundreds of Roon users have been attacked using the same testing of accounts emails/passwords.
4 Likes
AceRimmer
(Smoke me a kipper, I'll be back for breakfast!)
6
I did not think this one was a Roon/Qobuz sync issue although the timing was convenient.
Once I found I could not log back into Qobuz anywhere I thought had to be hacked.
Needless to say many passwords have been changed over past few hours!
There have been multiple threads in the Support category about the syncing issue. A fix has been applied, but apparently it takes time to be applied to all accounts. See this:
I should make note, when you change your password, email, or even login with your Roon password, you will get an email notifying you of that fact. It’ll contain a location which we determine using IP address to physical location mapping. It’s not perfect, but it’s usually pretty close to where you are.
This is one way we protect from accounts getting hacked.
We also made it so you (or attackers) can’t change your email or password without access to your old email inbox. Again, to prevent account takeovers.
When any of the above happens, the account is already hacked (password, login, email and so on only can be changed from within the account) and other damages can be done. While email notifications and verifications are absolutely better than nothing, two factor authentication login is by far the way to go (my unrequested 2c).
An entertainment app with credit cards and third party passwords (Tidal, Qobuz, DropBox logins) on file!
It may be an inconvenient for some if you have to login on a daily bases, no doubt about it, but that’s not the case with roon. There are other methods to authenticate the Core without having to use the account’s password.
BTW, you are not alone in seeing security this way, amazon uses the same password for the music app as the main account, which is a huge NO WAY security wise.
There is a thread about this issue. It is no hack. Apparently, it has to do with the sync between Roon and Qobuz.
Quite a lot of Roon users have been affected for about a week or two and the issue remains unsolved to date.
It would be appropriate that Roonlabs shares information spontaneously about this problem. That would prevent customers’ legitimate frustration and avoid potential mistakes when trying to solve it individually.