View Single Post
Old July 10th, 2012, 01:30 PM   #1 (permalink)
Community Manager
Thread Author (OP)
Phases's Avatar
Join Date: Sep 2008
Location: Nashville, TN
Gender: Male
Posts: 7,016
Device(s): Galaxy Note 3
Carrier: Verizon

Thanks: 644
Thanked 15,610 Times in 3,009 Posts
Default Important Notice - Security Breach

Before reading this - please take a moment to change your password on This can be done while logged in through your UserCP, or using the "forgot your password?" page if logged out.

I have some unfortunate news to pass along. Yesterday I was informed by our sever/developer team that the server hosting was compromised and the website's database was accessed. While the breach is most likely harmless there are important and potential pitfalls, and we want to provide as much helpful information to our users as possible (without getting too technical).

The trust of our users is extremely important and several staff members worked through the afternoon, evening, night, and morning to ensure we're doing everything possible to regain complete security.

Here are the facts:

- The exploit used has been identified and resolved. The server has been further hardened and extra "just in case" actions have been taken.. and will continue to be taken.

- All code that resides in the database and the file system has been thoroughly reviewed for malicious edits and uploads.

- No other sites in our network appear to have been accessed (we're triple checking).

- The user table of AndroidForum's database was (at a minimum) accessed. While we can't prove or disprove whether or not the data was downloaded (due to the way the data was transferred), it's completely possible.. and we've taken action assuming this is the case.

- Information in the user database includes: Unique ids, usernames, emails, hashed (encoded) and salted passwords, registration IP addresses, usergroup memberships, infraction levels, last time online, last post date, post count... as well as far less critical things like number of PMs, visitor messages, last online dates, and some vbulletin options set in your UserCP.

- Immediately following the incident, all ~100 staff were notified of a pending password change - and all passwords to were changed to random strings. Almost all are back in with new passwords. Because gaining access to a staff member account could pose the biggest threat, we first moved to secure these accounts.

What Probably Happened

This was, in our current opinion, most likely an e-mail harvesting attempt. A spammer could theoretically attempt to bulk e-mail all AF users with the user database. Luckily, GMail and similar e-mail services offer a "spam" button that helps it to collectively identify and automatically filter potential spam.

It's also absolutely possible that nothing of consequence happened. There is some chance they did not get enough of the database to matter, did this for fun to see if they could, or will not move forward with any plans after finding out we're actively investigating. This is a serious offense and you can best bet we are doing just that.

What Could Happen?

We take matters like these incredibly seriously and want to make sure you're warned of ALL the possibilities, regardless of how slim the chances. You can never be too safe, so we're asking you to consider the possibilities and protect accordingly.

- This could be someone who is upset with us who hopes to use the information against staff

- With username, email, and IP information, a skilled hacker could pretend to be other users.

- They could blackmail us and threaten to publish the information publicly.

- Knowing your IP one can get a general idea of where you are located in the world, though most your IPs are dynamic and will change before too long anyway.

- With a username and hashed password one could open a session with accounts on other sites that use the same credentials - if they gain file level access to that site first. These were salted passwords which adds to the complexity, but nonetheless we recommend playing it safe.

What should you do?

Although we're confident the threat is neutralized it is still highly recommended that you change your password here and on other sites where you use the same username/password. This can be done while logged in through your UserCP, or using the "forgot your password?" page if logged out. You can also contact me via PM or Contact Form and we will help you if you need.

No website wants to make an announcement like this. I assure you we, as the Neverstill Team, could not apologize profusely enough. Websites come under attack all time time - and sometimes the bad guys make it in. Unfortunately for us, yesterday was our time. We have been attacked before but never breached, and please know we are going to continue to do everything in our power to ensure it doesn't happen again.

If you have any questions please let us know - we will do our best to answer them. I will leave this thread open for discussion as long as it remains productive.

-Phases, Rob, and the Neverstill Team

UPDATE: I forgot to mention. If you are using an Android Application to access the forums (Tapatalk, Phandroid App) - they will not register the password change and may flood your email with "someone has tried to access your account" emails. Unfortunately the only advice I have for that is to uninstall/re-install the app, if you cannot change your password from within.

UPDATE 2: If you are requesting account deletions, please email me at with the email account you registered with. Thanks for understanding.

UPDATE 3:Rob's weighs in on why no mass email was sent - here.
Every forum should have a Phases.
Phases is offline  
Last edited by Phases; July 26th, 2012 at 02:57 PM.
Reply With Quote
The Following 516 Users Say Thank You to Phases For This Useful Post:
1lmfl1 (July 17th, 2012), 2BH (July 11th, 2012), 2k2cse (July 16th, 2012), 2momo123 (July 12th, 2012), 2old4this (July 10th, 2012), 3finger (July 10th, 2012), 7zero (July 10th, 2012), 91Firebirder (July 11th, 2012), 987456321 (July 11th, 2012), 9to5cynic (July 10th, 2012), aaanadie (July 10th, 2012), aboatright (July 10th, 2012), Adauth (July 12th, 2012), agentc13 (July 15th, 2012), ajay.acharyakv (July 11th, 2012), alanbcohen (July 11th, 2012), algadeed (July 10th, 2012), AlissaLL3 (July 12th, 2012), alsaces daddy (July 13th, 2012), amenamen (July 17th, 2012), amiratafari (September 6th, 2012), amk2795 (July 11th, 2012), amswink (July 10th, 2012), AMTrombley0924 (July 11th, 2012), An UrgeTo Dance (July 10th, 2012), Andima (July 12th, 2012), AndroidGuy139 (July 17th, 2012), Androman (July 12th, 2012), andruoid (July 11th, 2012), AndyOpie150 (July 11th, 2012), AntimonyER (July 10th, 2012), Aquababe (July 11th, 2012), Archangel1280 (July 11th, 2012), argedion (July 10th, 2012), ArielAguayo (July 13th, 2012), ArmageddonX (July 10th, 2012), Arthur2142 (July 10th, 2012), Ash128 (July 18th, 2012), Ashanmaril (July 12th, 2012), asheehanjr (July 11th, 2012), Atma (July 10th, 2012), avinashmeena (July 13th, 2012), avushkaa (July 10th, 2012), awesomeofsauce (July 10th, 2012), ayush29k (July 11th, 2012), B2L (July 10th, 2012), BabyBlues (July 10th, 2012), badblue1 (July 11th, 2012), Bageland2000 (July 16th, 2012), baldmosher (July 11th, 2012), Ballymoss (July 10th, 2012), Bandaid (July 10th, 2012), bart2201 (July 11th, 2012), bbuck002 (July 12th, 2012), BeatNavy (July 11th, 2012), bellefsen (July 10th, 2012), BenChase7 (July 10th, 2012), bennyben (July 16th, 2012), benslgdroid (July 11th, 2012), bestrooted (July 10th, 2012), Big Oil (July 14th, 2012), bigmike661 (July 11th, 2012), biker57 (July 10th, 2012), bjmads (July 11th, 2012), BKiv (July 11th, 2012), blackimp (July 13th, 2012), blmbmj (July 13th, 2012), BlueBiker (July 12th, 2012), BlueDynamo (July 12th, 2012), Bob Cat (July 10th, 2012), bradhoschar (July 11th, 2012), brandonhutch (July 16th, 2012), brooklynsour (July 11th, 2012), BruceC (July 11th, 2012), brzimmer (July 11th, 2012), bulldog69 (July 11th, 2012), CafeKampuchia (July 10th, 2012), Capn069 (July 10th, 2012), Captain Mike (July 10th, 2012), Captainblack (July 15th, 2012), carney (July 13th, 2012), carschina (July 13th, 2012), CDPlant (July 11th, 2012), cell0ne (July 10th, 2012), chamba (July 15th, 2012), changky (July 11th, 2012), chaz_uk (July 12th, 2012), Cheetah1971 (July 12th, 2012), chrisluger2012 (July 17th, 2012), chrisstone (July 12th, 2012), chrlswltrs (July 10th, 2012), CJ0206 (July 15th, 2012), cliffgamerz (July 12th, 2012), CO Diver (July 13th, 2012), Colinr1234 (July 12th, 2012), Coraskant (July 11th, 2012), corbinator (July 11th, 2012), Covart (July 10th, 2012), CR1050 (July 16th, 2012), CrackBaby (July 12th, 2012), Crashumbc (July 12th, 2012), CriticalCritic (July 10th, 2012), Cuda13 (July 10th, 2012), cujo9999 (July 11th, 2012), cvic (July 13th, 2012), cwgraf71 (July 10th, 2012), cwhatever (July 10th, 2012), Cythes (July 11th, 2012), D-U-R-X (July 10th, 2012), daenas (July 13th, 2012), dAk_AyTaM (July 19th, 2012), damewolf13 (July 10th, 2012), danaj (July 12th, 2012), DanDroide (July 11th, 2012), DarcMasta (July 12th, 2012), darkcyber (July 10th, 2012), dautley (July 10th, 2012), davlob (July 14th, 2012), dawnierae (July 10th, 2012), dazxpat (July 13th, 2012), Deadlyimpact (July 14th, 2012), deedashstef (July 11th, 2012), dentist29 (July 18th, 2012), det1726 (July 14th, 2012), dgrobe2112 (July 11th, 2012), disciplexone (July 10th, 2012), DMajor239 (July 16th, 2012), Dmeeks90 (July 10th, 2012), DocTee (July 13th, 2012), dogdayz (July 10th, 2012), DonB (July 10th, 2012), doxcyguy617 (July 17th, 2012), dragonfinder1 (September 4th, 2012), DragonSlayer95 (July 11th, 2012), DrexelDragon (July 11th, 2012), Driftfog (July 12th, 2012), droblyer (July 15th, 2012), DroidoverApple (July 14th, 2012), droidsix (July 12th, 2012), DroidUser1 (July 15th, 2012), Droidxxxxx (July 13th, 2012), dstuttgen (July 12th, 2012), dually656 (July 19th, 2012), Duckster (July 12th, 2012), dunjamon (July 11th, 2012), durak (July 11th, 2012), dustwun77 (July 11th, 2012), EarlyMon (July 10th, 2012), eddietse91 (July 14th, 2012), egill (July 12th, 2012), egustero (July 12th, 2012), El Presidente (July 10th, 2012), Elphie28 (July 10th, 2012), ElTurt (July 13th, 2012), Encerspay (July 13th, 2012), Essjay22 (July 10th, 2012), exomatrix (July 12th, 2012), Familyguy1 (July 11th, 2012), farren (August 3rd, 2012), fasteddie345 (July 17th, 2012), FirebirdStud (July 16th, 2012), fmalcolmr (July 12th, 2012), Forestinjersey (July 10th, 2012), fp99 (July 10th, 2012), fratermus (July 11th, 2012), freesoul27 (July 12th, 2012), frenchy714 (July 11th, 2012), frg (July 13th, 2012), Fuzzy13 (July 10th, 2012), GalaxyNexus (July 10th, 2012), gbiggie (July 10th, 2012), General_Crespin (July 12th, 2012), gexnefx (July 12th, 2012), GiftedPlacebo (July 11th, 2012), gkak (July 11th, 2012), Glad2BMe (July 17th, 2012), Glas67 (July 11th, 2012), godsdragon (July 13th, 2012), goldz28 (July 11th, 2012), gorillabait (July 11th, 2012), gradymcd (July 15th, 2012), Granite1 (July 10th, 2012), GregM_AZ (July 11th, 2012), Grenge (July 11th, 2012), GTurn (July 11th, 2012), Hadron (July 10th, 2012), Hal_Chase (July 13th, 2012), HanSolo (July 10th, 2012), Harry D (July 11th, 2012), HarshReality (July 11th, 2012), hdapeiris (July 18th, 2012), Hdjc28 (July 10th, 2012), Helloneumann (July 11th, 2012), Herman1941 (July 10th, 2012), hillbilly352 (July 10th, 2012), hmvs (July 14th, 2012), hvrc (July 10th, 2012), ihackedmypc (July 13th, 2012), in2uition (July 12th, 2012), InGearX (July 12th, 2012), iowabowtech (July 10th, 2012), ironass (July 10th, 2012), isaemm (July 10th, 2012), isdaako (July 13th, 2012), iSlackerz (July 13th, 2012), J.Rawand (July 12th, 2012), J03 (July 12th, 2012), J6Remy (July 11th, 2012), JaeWeb (July 17th, 2012), jasonzech (July 16th, 2012), javasirc (July 11th, 2012), JB in AZ (July 10th, 2012), Jb07 (July 11th, 2012), jbdan (July 10th, 2012), Jcutter (July 10th, 2012), jehowe (July 16th, 2012), jenkinhill (July 11th, 2012), Jenn L. (July 10th, 2012), jennafiree (July 12th, 2012), jerrstan (July 12th, 2012), jerryeight (July 14th, 2012), Jgnome (July 12th, 2012), jgreetham (July 11th, 2012), jimbo1mcm (July 11th, 2012), jimmur_2000 (July 11th, 2012), jmar (July 10th, 2012), John - Rhoslan (July 10th, 2012), jonathanwills (July 12th, 2012), jonbonazza (July 10th, 2012), jondroot (July 13th, 2012), JooSki (July 14th, 2012), JRbong2k (July 18th, 2012), jroc (July 11th, 2012), jtw1216 (July 11th, 2012), JubbaTheHutt (July 10th, 2012), JusAnt (July 11th, 2012), karendar (July 18th, 2012), Kaylesh (July 10th, 2012), kelela92 (July 11th, 2012), Kie (July 16th, 2012), kiloromeo (July 16th, 2012), KiwiD13 (July 12th, 2012), kjss (July 10th, 2012), Kn1nJa (July 12th, 2012), kowatl (July 17th, 2012), kristopher5823 (July 11th, 2012), Lars (July 11th, 2012), LaTuFu (July 17th, 2012), lccpor123 (July 15th, 2012), Leemann (July 11th, 2012), lifeblows10 (July 10th, 2012), Lilmo (July 18th, 2012), linuxrich (July 12th, 2012), Loco4LosChe (July 11th, 2012), Logan47 (July 10th, 2012), Looking4beach (July 12th, 2012), Loota (July 12th, 2012), Lordvincent 90 (July 10th, 2012), lortay78 (July 17th, 2012), lotsip81 (July 11th, 2012), LoveMyPhone (July 10th, 2012), Lucky Armpit (July 12th, 2012), Luniz2k1 (July 12th, 2012), Lynniepops (July 12th, 2012), mach1man (July 10th, 2012), macjay420 (July 14th, 2012), mAcRoS (July 14th, 2012), Malpat (July 10th, 2012), mamawm (July 11th, 2012), ManlyParasite (July 11th, 2012), Marcha (July 10th, 2012), marctronixx (July 10th, 2012), mariadroid (July 10th, 2012), marky1124 (July 15th, 2012), Martimus (July 11th, 2012), martingroso (July 11th, 2012), mavrikmeercat (July 10th, 2012), maximusx8 (July 12th, 2012), McGilli (July 11th, 2012), MCL777 (July 12th, 2012), MegaVortex (July 11th, 2012), menonro (July 11th, 2012), metal571 (July 10th, 2012), Metroid Prime (July 10th, 2012), Mexjoker (July 10th, 2012), mfzero (July 13th, 2012), mh53eplt (July 11th, 2012), MightyFurcules (July 12th, 2012), mikedt (July 10th, 2012), Mikestony (July 10th, 2012), Miralcos (July 14th, 2012), Mobstergunz (July 10th, 2012), MRCMidnight (July 10th, 2012), MrPeter1985 (July 16th, 2012), mrpnut (July 11th, 2012), Mulan (July 10th, 2012), mutanti (July 13th, 2012), mydian (July 10th, 2012), myshkin (July 10th, 2012), naees123 (July 17th, 2012), namoroman (July 12th, 2012), nano404 (July 11th, 2012), nawwaf (July 11th, 2012), NeoGrandizer (July 12th, 2012), NetNoggin (July 11th, 2012), NightAngel79 (July 28th, 2012), NightHawk877 (July 11th, 2012), NIGHTWATCH01 (July 16th, 2012), nitroRCs (July 11th, 2012), notdel (July 15th, 2012), novox77 (July 10th, 2012), nowhere1 (July 14th, 2012), nu2andy (July 17th, 2012), ocnbrze (July 11th, 2012), OfTheDamned (July 10th, 2012), OhBe1 (July 11th, 2012), olbriar (July 10th, 2012), olijf (October 15th, 2012), OptiC-ShotS (July 12th, 2012), OptimusLove (July 13th, 2012), Otterboyy (July 12th, 2012), oulmanpe (July 13th, 2012), Outatime (July 10th, 2012), Outlaw.99 (July 11th, 2012), OutOfPhase (July 10th, 2012), Outsane (July 13th, 2012), OverByter (July 12th, 2012), p-bOt (July 11th, 2012), paleodust (July 12th, 2012), palmtree5 (July 10th, 2012), PavementPilot (July 16th, 2012), pedz (July 13th, 2012), Percival (July 10th, 2012), pete_2x4b (July 13th, 2012), Petrah (July 10th, 2012), PGP_Protector (July 13th, 2012), phbair (July 11th, 2012), phojo (July 11th, 2012), Podivin (July 11th, 2012), porkyhontas (July 18th, 2012), pressy4pie (July 10th, 2012), Puppa (July 16th, 2012), QuasiNerd (July 12th, 2012), Quinny898 (July 10th, 2012), r3do (August 5th, 2012), Rachel A (July 10th, 2012), rafier (July 10th, 2012), Ramzes13 (July 10th, 2012), Random24 (July 11th, 2012), RangersK (July 12th, 2012), Rarewolf (July 10th, 2012), Raven2010 (July 14th, 2012), RavenFox (July 11th, 2012), RDTatel (July 11th, 2012), Red Hare (July 10th, 2012), RedMurkal (July 12th, 2012), RedSun (July 10th, 2012), rehsa (July 12th, 2012), Relax196 (July 11th, 2012), Rev. Po-Jay (July 11th, 2012), richboi (July 11th, 2012), RichSz (July 10th, 2012), RigelX (July 11th, 2012), ritzg (August 2nd, 2012), Rob (July 10th, 2012), robert93436 (July 10th, 2012), RobertB-DC (July 16th, 2012), Romulous (July 11th, 2012), ROOTed_PREVAIL (July 11th, 2012), Rootmepls (July 12th, 2012), rparra14 (July 11th, 2012), Rudedawg (July 11th, 2012), Rush (July 10th, 2012), Rxpert83 (July 10th, 2012), ryancmatchett (July 13th, 2012), S3VOL (July 11th, 2012), Sabswifey (July 12th, 2012), Saint2710 (July 18th, 2012), salvy512 (July 11th, 2012), sambowomble (July 11th, 2012), SammyGS2 (July 12th, 2012), sammyz (July 10th, 2012), samrox144 (July 10th, 2012), SamsungAdmire (July 10th, 2012), SamuraiBigEd (July 10th, 2012), samwapp (July 10th, 2012), sandman1555 (July 14th, 2012), sandpipershore (July 18th, 2012), Sandroidfan (July 11th, 2012), sandyrokr (July 14th, 2012), saptech (July 12th, 2012), Sarge1721 (July 31st, 2012), Sax÷n (July 12th, 2012), ScandaLeX (December 4th, 2012), scanman (July 10th, 2012), scary alien (July 10th, 2012), scooter1942 (July 10th, 2012), ScorpionX (July 10th, 2012), ScottE (July 12th, 2012), scotth501 (July 10th, 2012), scotty85 (July 13th, 2012), Seabee74 (July 11th, 2012), seadog76 (July 12th, 2012), Seadogs (July 11th, 2012), SerialSarpins (July 11th, 2012), sflannery07 (July 10th, 2012), SgtJohn (July 11th, 2012), Shazbat (July 11th, 2012), Shikki1985 (July 11th, 2012), shinru2004 (July 10th, 2012), ShinySide (July 10th, 2012), Shotgun84 (July 11th, 2012), Showme (July 18th, 2012), Sideman (July 12th, 2012), silverfang77 (July 11th, 2012), simrick (July 11th, 2012), singbluesilver (July 15th, 2012), sjs3059 (July 15th, 2012), slimchance (July 10th, 2012), Smokey Joe (July 19th, 2012), smokinjoe1979 (July 10th, 2012), Snake X (July 12th, 2012), snapcase (July 10th, 2012), Sojourn (July 11th, 2012), soopersonic (August 22nd, 2012), SoxFanNH (July 15th, 2012), soyyo150 (July 11th, 2012), SparksGuy (July 13th, 2012), srish2 (July 11th, 2012), Stephmartin71 (July 13th, 2012), Steven58 (July 10th, 2012), stevevercs (July 14th, 2012), Stigy (July 10th, 2012), stlcoptony (July 14th, 2012), Stuntman (July 11th, 2012), sturvey (July 13th, 2012), sugarfree (July 16th, 2012), suntopper (July 14th, 2012), supercampeon22 (July 10th, 2012), SuppliedRelic (October 11th, 2012), SUSS (July 11th, 2012), swr2000 (July 11th, 2012), sysadmn (July 12th, 2012), s_special (July 10th, 2012), Tab88 (July 17th, 2012), taghag (July 11th, 2012), teamstevo (July 13th, 2012), TehGaberz91 (July 10th, 2012), Teklogikal (July 12th, 2012), Thats (July 10th, 2012), The Absolute (July 11th, 2012), thefletch (July 16th, 2012), theonewho (July 14th, 2012), TheRealKTFO (July 11th, 2012), TheRiot (July 10th, 2012), thezman007 (July 18th, 2012), The~Skater~187 (July 10th, 2012), thrylosthyra7 (July 11th, 2012), tiede (July 10th, 2012), Timmay0106 (July 11th, 2012), Tman450 (July 12th, 2012), tnatnatna1 (July 11th, 2012), tony99 (July 16th, 2012), TourGuide (July 11th, 2012), Trek950 (July 10th, 2012), trialnerror (July 11th, 2012), tripdoc79 (July 11th, 2012), Trooper (July 12th, 2012), trophynuts (July 10th, 2012), Tsquared (July 13th, 2012), Tumeg (July 10th, 2012), TVictory (July 10th, 2012), TwinBing (July 12th, 2012), Unforgiven (July 10th, 2012), unquello (July 18th, 2012), varun.chitre15 (July 10th, 2012), vfxraven19 (July 16th, 2012), victrolacola (July 13th, 2012), vijay4b7 (July 11th, 2012), VoidedSaint (July 10th, 2012), Volkrik (July 12th, 2012), vosg (July 11th, 2012), VydorScope (July 12th, 2012), wetbiker7 (July 10th, 2012), whiteturbo (July 11th, 2012), Willie Nelson (July 12th, 2012), wimpiecoetzer (July 13th, 2012), Winddale (July 12th, 2012), Wirefly (July 18th, 2012), Wobblin31 (July 11th, 2012), Wushih (July 12th, 2012), wutwutman (July 12th, 2012), xanderful (July 12th, 2012), xfuchsiax (July 14th, 2012), xhepera (July 14th, 2012), xiteg79 (July 11th, 2012), xwheelsx (July 16th, 2012), xxbazhxx (July 12th, 2012), xxkid123 (July 14th, 2012), Xyro (July 10th, 2012), YankeeDudeL (July 17th, 2012), Zenstrive (July 11th, 2012), zimlokks (July 11th, 2012), ZirDan (July 11th, 2012), Zoandroid (July 10th, 2012), zr0hero (July 11th, 2012)