i think it was mentioned on Soya Cincau site... nothing compromised on CIMB regarding PayPal issue.

but good time to change password.

any of you guys facing issue above when changing your password?

I have no problem changing my password with special characters. I used desktop Chrome.

nope, no problem

for some weird reason, i wasn't prompt rechaptcha even when i intentionally key in wrong password, probably because of addblock

Frankly speaking you guys think some of these fraudulent transaction really related to the password issue?

Check my CIMB Clicks so far still ok la.. Changed my password also just in case (super long one, straight away put 20 characters one HAHA)

so weird, i cant get it done tho. alphanumeric with special character, but is it a must not using 3 consecutive same type character in the password (abcd1234)? characters which used in cimb clicks id and secure words also x boleh guna?

This post has been edited by sevenegg: Dec 18 2018, 10:43 AM

yes, i think its related, to accounts with 8 character password being broken into by bruteforce

because to link card to paypal, they will charge you 1 usd, then you need the code written on the description of that charge, which typically you can see in cimbclicks in 1-2 days

This post has been edited by feiraron: Dec 18 2018, 10:37 AM

I think they updated on the 18th

This post has been edited by macyhouse: Dec 18 2018, 10:31 AM

[edit] nvm liao found the gear icon at the bottom left of the bar
jibai punya layout

This post has been edited by incubus_skj: Dec 18 2018, 10:33 AM

https://jawapan.com/cara-tukar-kata-laluan-cimbclicks/

Guys, simple question.

Is it safe for me to use CIMB clicks now? or should I wait for things to settle down and go find CDM instead

sooooo small punya gear on one corner of the website

memang bodoh punya kerja ni

there was never an issue with CIMBClicks login being compromised that others get your login information through the act of you logging in like a keylogger (assuming you dont have a keylogger on you yourself).

Issue is clear:
1) Hackers found a way around login limit imposed so they are able to brute force (made easy with legacy account on 8 character password)
2) Leaked debit card details, which they will use to register your card to any paypal account they have

Safe. I logged in many times since yesterday. It's fine.

safe....no issue...if you want to be more secure, change your password to the new version...old password not compromised...

you need at least one small character, one capital character and one special character in your new password. And yes, it doesn't actually prompt you properly for this during the password change.


No. We are very sure both the issues are not related (which is actually a bad thing because there is two concurrent issues happening here).


Yes, transacting on CIMB Clicks is safe. The login protocols are a bit crappy but otherwise its safe. Once you're in, and if you have not changed your password after November 18, please do it immediately.

since they probably store your PIN number, it's probably possible that the tape backups contains your pin as well right?

tried changing it based on this, even the ticked button is showed, but error message still pop out. unless it's compulsory not to use any characters being used in ur ID and secure words, then this maybe the cause.

"IF" it is hash, would not be an issue. that a big IF btw..

This post has been edited by brkli: Dec 18 2018, 10:47 AM

All my colleagues including me get our salary credited through CIMB. The good thing is, no one reported an issue with fraud.

As said, I merely updated my password for additional peace of mind.