You receive an email from firstname.lastname@example.org with a message similar to the following: "Attempted Login from Blacklisted IP. Datto has detected an attempted login from a blacklisted location using valid credentials. If this wasn't you, please reset your password or contact Datto Support to keep your Datto account safe."
- Datto Partner Portal
An attempt to log in to http://partners.dattobackup.com took place from an IP address which you blacklisted in your organization settings. The login was attempted with a valid Partner Portal username and password. Because the IP address was blacklisted, the login was not successful.
If you have opted into Partner Portal email alerts, Datto will send you a security notification similar to the example shown in Figure 1 any time that our servers detect an attempt to log in to your Partner Portal account by providing valid credentials from a blacklisted IP address. Should you receive an alert, Datto recommends performing the following steps to ensure the security of your account.
1. Review the IP address and the time stamp shown in the email. If you recognize the IP address and the login time shown, no further action is necessary on your part.
NOTE: Logging into the Partner Portal from a device that uses a temporary IP address lease, such as a smartphone, may trigger a portal alert. When reviewing the notification, keep this information in mind.
2. If you do not recognize the login activity, your account may have been compromised by an attacker. Reset your Partner Portal password immediately. Review your account for any signs of malicious activity.
3. For added security, Datto also recommends enabling Two-Factor Authentication (2FA) for your entire organization.
4. If you have further questions or require additional security-related assistance, contact Datto Technical Support.