1

I have just logged into my router in Chrome, Win 10.

I got this warning.

enter image description here

I immediately changed the password.

But I have several questions.

Is the message reliable, in the sense that the breach occurred?
If so, how could that breach happen?
How could Chrome tell the breached happened?
Did I have any extension that caused it?

Is there any chance that the breach did not happen?
Or even worse, that the warning is actually fake, perhaps so I go and change the password for some other extension or else to read it?

sancho.s ReinstateMonicaCellio
  • 434
  • 3
  • 9
  • 1
    The breach has nothing to do with your router, and may not have anything to do with you. See these links: https://support.google.com/chrome/thread/23534509/i-am-getting-a-popup-message-saying-that-a-data-breach-on-a-site-or-app-exposed-your-password?hl=en https://security.googleblog.com/2019/12/better-password-protections-in-chrome.html – Fire Quacker Jan 28 '22 at 15:37
  • Effectively that means the used password is known and has been included in common password lists. So if anybody ever would try to break into your router and use that password list the attack may succeed (after some time depending on how many login attempts the router allows). – Robert Jan 28 '22 at 16:55

1 Answers1

2
  • Is the message reliable, in the sense that the breach occurred?

Yes, the message is quite reliable. The breach very probably did occur, as the message says, on a site or app. It did however equally probably not occur on your router.

  • If so, how could that breach happen?

There are many ways an app or site can be breached. Unpatched vulnerabilities can be exploited. Employees can be induced through social engineering or bribery to give access. Disloyal employees may abuse their access.

  • How could Chrome tell the breached happened?

Chrome automatically checks your password against a database of passwords that have been found in known breaches.

  • Did I have any extension that caused it?

The breach did most probably not happen on your router but on some other system, so the question does not apply.

  • Is there any chance that the breach did not happen? Or even worse, that the warning is actually fake, perhaps so I go and change the password for some other extension or else to read it?

No, this warning is genuine. It just doesn't say what you are reading into it. It does not tell you that your router has been breached. It tells you that you are using a password which has been found in some breach somewhere, and consequently at increased risk of being guessed, should someone try a password guessing attack on your router.

Tilman Schmidt
  • 871
  • 4
  • 7