Carbonite blasts an email for all users to reset their password.

Yes this is a real email from Carbonite. We urge all of our customers to change their passwords as soon as they can. This action is being taken proactively and at this time there is no evidence to indicate that your account or data have been compromised. Your backups are safe and your regular backup schedule will continue.

What Happened

As part of ongoing security monitoring, Carbonite recently became aware of unauthorized attempts to access a number of Carbonite accounts. This activity appears to be the result of a third party attacker using compromised email addresses and passwords obtained from other companies that were previously attacked. The attackers then tried to use the stolen information to access Carbonite accounts. Based on our security reviews, there is no evidence to suggest that Carbonite has been hacked or compromised.

What Information Was Involved

While Carbonite will continue to monitor and investigate the matter, we have determined that some usernames and passwords are involved. Additionally, for some accounts, other personal information may have been exposed.

What Carbonite Is Doing

Use the link that Carbonite emailed to you to reset your password. We highly recommend using "strong" unique passwords for Carbonite and all online accounts. If you use the same or similar passwords on other online services, we recommend that you set new passwords on those accounts as well.