A few days ago, an old shopping account of mine was “hacked”. Or at least, an attacker managed to change its password. Now, I am wondering what was the purpose of this happening and whether there is anything I should be especially wary of.
I noticed the attack exclusively because I found the password reset e-mails in my e-mail inbox, and I could effortlessly retake it by using the same password reset feature, as the shopping account’s e-mail address was not changed. Also, the shopping account did not contain any payment data and no orders were issued, and no other account linked to the same e-mail address seems to have been compromised (in the sense of any password changes).
Is that a typical attack pattern, or what exactly happened there?
I had prepared a much more detailed write-up about my observations and about what steps I took, but unfortunately, Stack Exchange says “This looks like spam.” when I try to post it. Thus, I kindly ask for a few comments that indicate what information exactly I should add here to get meaningful answers. Then maybe I can edit in the information from my write-up little by little again:
(Sorry for posting this here; I don’t have the rep for posting on the meta site yet.)