Thread - Nostr Hypermedia

Relays: 5

Replies: 2

Generated: 22:08:06

We've seen many attacks where it seemed attackers have used emails + passwords from different breaches. If you want get a picture of which breaches your email was included in: https://haveibeenpwned.com/ However, we also recognize that Alby emails could have been exposed through the reset password system as mentioned already in this announcement and we have made the necessary changes to ensure affected users are not at risk of losing their funds.

2025-10-21 08:48:50 from 1 relay(s) ↑ Parent 2 replies ↓

Replies (2)

Currency of Distrust currencyofdistrust@primal.net npub1mgnw...h0pm

Did you change it so emails are no longer leaked in this fashion?

2025-10-21 13:42:52 from 1 relay(s) ↑ Parent Reply

Currency of Distrust currencyofdistrust@primal.net npub1mgnw...h0pm

I just checked HIBP for the email I used with Alby and it shows up in 0 data breaches, so my email was definitely leaked via the password reset mechanism on your site. I’m not stressing about that too much, but you should be careful about deflecting too much blame.

2025-10-21 13:44:41 from 1 relay(s) ↑ Parent Reply