Qobuz account hacked

This looked like a Tidal version a few days ago


WHOA! All my Qobuz albums in Roon are gone, too! What’s going on?!

See my response in this topichttps://community.roonlabs.com/t/all-my-qobuz-albums-are-missing-from-my-library/162656

Thanks! But any explanation from #support advisory from Roon? I didn’t get any email. If you knew about this, why not email us?

My albums in Qobuz didn’t disappear in Qobuz, only in Roon.

There have been multiple threads in the Support category about the syncing issue. A fix has been applied, but apparently it takes time to be applied to all accounts. See this:

1 Like

I should make note, when you change your password, email, or even login with your Roon password, you will get an email notifying you of that fact. It’ll contain a location which we determine using IP address to physical location mapping. It’s not perfect, but it’s usually pretty close to where you are.

This is one way we protect from accounts getting hacked.

We also made it so you (or attackers) can’t change your email or password without access to your old email inbox. Again, to prevent account takeovers.

1 Like

When any of the above happens, the account is already hacked (password, login, email and so on only can be changed from within the account) and other damages can be done. While email notifications and verifications are absolutely better than nothing, two factor authentication login is by far the way to go (my unrequested 2c).

2 Likes

Just going to leave this here…

3AC67816-5C74-4A1D-9322-F71BF2B87A59

4 Likes

Yup, change your passwords frequently.

or just use different ones in different locations!

true, but suicide for an entertainment app.

An entertainment app with credit cards and third party passwords (Tidal, Qobuz, DropBox logins) on file!

It may be an inconvenient for some if you have to login on a daily bases, no doubt about it, but that’s not the case with roon. There are other methods to authenticate the Core without having to use the account’s password.

BTW, you are not alone in seeing security this way, amazon uses the same password for the music app as the main account, which is a huge NO WAY security wise.

1 Like

Adaptive MFA handles this well. It stores fingerprints for your computer, your browser, your IP…any of these change, challenge, otherwise don’t.

1 Like

There is a thread about this issue. It is no hack. Apparently, it has to do with the sync between Roon and Qobuz.

Quite a lot of Roon users have been affected for about a week or two and the issue remains unsolved to date.

It would be appropriate that Roonlabs shares information spontaneously about this problem. That would prevent customers’ legitimate frustration and avoid potential mistakes when trying to solve it individually.

Roon seems lax on security, by todays standards, from beginning to end. It might harm the experience, but anything networked with my data and my payment details, needs solid protection. Its a bad world out there. The future, customer opens Roon:

Hi Mike, can you identify the traffic lights, and enter the 16 digit number from the message we sent?

:rofl:

1 Like

https://haveibeenpwned.com/

This will tell you if your email is on a leaked list

Is it wise to type your email address into this site , I am not very trusting ?

Only you can decide that

Well, if you think you need to check if your account is hacked, just don’t.

Don’t waste time and change your most important password(s) immediately.

Dirk

1 Like

Sorry but this event, as quite clearly detailed by myself was a hack of my Qobuz account.
There were then some slight sync issues afterwards but not exactly the same as others.
Thank you.