"As part of our ongoing security monitoring, we recently became aware of unauthorized attempts to access a number of Carbonite accounts. This activity appears to be the result of a third party attacker using compromised email addresses and passwords obtained from other companies that were previously attacked. The attackers then tried to use the stolen information to access Carbonite accounts. Based on our security reviews, there is no evidence to suggest that Carbonite has been hacked or compromised."Carbonite does not specifically mention any companies that might have been attacked, though it is likely referring to the data breaches at LinkedIn, Tumblr, and several others that compromised hundreds of millions of users' login credentials.
"In addition to our existing monitoring practices, we will be rolling out additional security measures to protect your account, including increased security review and two-factor authentication [which we strongly encourage all customers to use]."Two-factor authentication will help protect users with an additional layer of security in the event of password reuse attacks. For tips on how to create a strong password to protect your Carbonite account or other web profiles, please click here.