Critical security breach

I have the Windows desktop app installed. Yesterday I noticed that there are another person’s files in my NextCloud folder instead of mine!
I opened the app and saw that some other person is logged in! I don’t know this person, based on files I can say he is from another country.
I logged into NextCloud web storage - there are my files.
I am the only person who uses my PC.

How is it possible?

I e-mailed support yesterday, but still have not got any answer. I think this is urgent.

We need a lot more info, like server config, version…
Never seen this before but…

How to get that? I’m new to NextCloud.

See in the Admin configurations

That sounds strange. They gave out login details twice. Did you change your password? The e-mail address linked to your account is right (you can do both in the settings in the web-interface).

No, I didn’t change anything since registration.

In the web-interface everything is fine. As I said above I see my files there.
But the desktop seems just as if someone else logged in. Not even a hint of my account (other profile, other files). Weird!

I don’t know if it is important: I was logged into my Nextcloud account on my Sailfish smartphone. Right after this accident I logged out for privacy’s sake.

Just to clarify:

  • You see your own files only in web interface?
  • You see someone else’s files only OR yours and others in the desktop client?
  • This is a hosted account and you do not have access to the server?

Yes.

Someone else’s only. Just like if someone else has logged in.

Not sure if I got you right, but most likely it’s a hosted account. I just registered for the free plan on https://emma.cloud.tabdigital.eu

Change your password, check on your personal page, that no clients are connected that you did not authorize. Remove app keys of unknown devices.

Be careful with operators, especially if it is free. It’s nice to get a look and feel of Nextcloud. If you want to store serious data, check out a trustworthy provider or, even better, host it yourself. Consider client-side encryption with sensitive data (currently best with 3rd-party software like Cryptomator).

I do not see such a section on my personal page.

I think Karl was asking if you’re running your own instance, or logging into a third-party service. Which apparently you are.

This forum is mostly for developers of Nextcloud, and for users that run their own instance of the software. Nextcloud (the organisation that runs this forum) provides the software, but has no influence or control over whoever runs the site “emma.cloud.tabdigital.eu”.

Honestly, it looks like tabdigital are terrible system administrators. Going by your description, I’m guessing they host multiple instances of Nextcloud under multiple domains on one server. Their sysadmin managed to mess up their config, resulting in your desktop app syncing to “wrong.cloud.tabdigital.eu” instead of “emma.cloud.tabdigital.eu”.

I wish you luck, but there’s very little anyone here can do. Only your service provider (emma.cloud.tabdigital.eu) can answer your questions or make you feel better about your lost privacy.

Emma support said that it was a user mistake:

“there was wrong sharing settings from user side”.

But I wonder how that guy knows my account name; we never got in touch, and I do not know him.

I would cancel the account.