Important Notice - Security Breach

Discussion in 'Site Updates & Announcements' started by Phases, Jul 10, 2012.

  1. jerofld

    jerofld Fixing stuff is not easy
    VIP Member
    313

    May 10, 2011
    7,688
    4,273
    313
    Male
    I fix stuff
    Over there <points>
    Yeah, everyone knows that you use an iPod touch and wouldn't be caught dead using an iPod color (or whatever it is).
     


  2. Unicorn512

    Unicorn512 Well-Known Member
    38

    Jan 21, 2010
    141
    11
    38
    Male
    Idaho
    I also received the following msg (twice) after I changed passwords.

    Dear Unicorn512,

    Someone has tried to log into your account on Android Forums with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

    The person trying to log into your account had the following IP address: 174.253.187.214

    All the best,
    Android Forums

    I checked and it's the VZN supplied address on my DROID3. Then it occurred to me that the Phandroid app on my phone must be the cause, so I uninstalled it.
     
  3. dautley

    dautley VIP Member
    VIP Member
    253

    Jul 23, 2010
    1,823
    502
    253
    Dickson, TN.
    Isn't accusing someone of using a Fruity product on an Android forum against some kind of TOS? :D
     
    jmar likes this.
  4. testify585

    testify585 Member
    15

    Jul 27, 2010
    18
    0
    15
  5. Cam

    Cam Well-Known Member
    138

    Aug 24, 2011
    448
    527
    138
    USAF
    Shreveport, LA
    Phases,

    I changed my password earlier today as soon as I saw your notice, and this evening between 5:02 and 6:18PM Central Time there were four failed login attempts on my account. I was out eating dinner with my wife at the time, so I know for a fact that it wasn't me.

    It seems to me that there is a high probability that whoever compromised your database is in fact trying to use that information to gain access to user accounts.

    FYI...
     
  6. Unforgiven

    Unforgiven -.. --- - / -.. .- ... ....
    Moderator
    4,238

    Jun 23, 2010
    32,505
    30,919
    4,238
    Male
    Douglas, MA
    If you have any apps on your phone that connect to AF you need to reset your password on them. They will continue to try and connect to AF using your old credentials and cause those messages. Across 3 PCs and 2 phones I had to update passwords 28 times.
     
  7. Cam

    Cam Well-Known Member
    138

    Aug 24, 2011
    448
    527
    138
    USAF
    Shreveport, LA
    I'll do that, but those apps (Tapatalk) were not running on my phone or tablet, even in the background. Don't they have to be running for that to happen?
     
  8. Xyro

    Xyro 4 8 15 16 23 42
    Moderator
    1,413

    Dec 1, 2009
    12,804
    9,027
    1,413
    UK
    Do you have subscription or PM notifications on in Tapatalk?
     
    Cam and Unforgiven like this.
  9. Unforgiven

    Unforgiven -.. --- - / -.. .- ... ....
    Moderator
    4,238

    Jun 23, 2010
    32,505
    30,919
    4,238
    Male
    Douglas, MA
    ^^^ that's the key, they check in for any push notifications. I had Forum Runner and Tapatalk both trying to check for PM's.
     
    Cam likes this.
  10. Cam

    Cam Well-Known Member
    138

    Aug 24, 2011
    448
    527
    138
    USAF
    Shreveport, LA
    No and no. I just checked again to be sure. However, I certainly acknowledge that Tapatalk could have been the culprit, since I didn't change my password in that app until just now. Like I said, Tapatalk wasn't running at all as far as I know, but who knows? That does seem more plausible than some hacker trying to use my account out of the thousands and thousands of accounts on AF...

    Edit: Never mind, I did have those settings turned on in Tapatalk. That must have been it.
     
    Xyro and Unforgiven like this.
  11. mamawm

    mamawm Well-Known Member
    63

    Jul 22, 2011
    205
    48
    63
    i changed my password on my computer bright and early this morning and soon after received 3 notices that someone was attempting to log into my account with an incorrect password. i do have the phandroid app loaded on both my phone and tablet. i ran the network info app and realized that the ip address trying to access my account was the external ip for my isp. so i just opened the phandroid app on both phone and tablet and signed out, then waited the 15 minutes and resigned in. no more notices. all is good.
     
  12. Leemann

    Leemann Well-Known Member
    36

    Jul 29, 2011
    53
    8
    36
    Near here
    The Doctor is coming...........

    Thanks for the quick response.
    Lee
     
  13. EarlyMon

    EarlyMon The PearlyMon
    5,118

    Jun 10, 2010
    57,623
    70,354
    5,118
    New Mexico, USA
    Yep, recall it clearly and the response given was coordinated with admin with the best information at the time - but definitely, your query was escalated. ;)
     
  14. laptopquestion

    laptopquestion Well-Known Member
    73

    Jun 28, 2012
    289
    53
    73
    I changed my password....

    Do I win something :) ?
     
  15. Sharondippity

    Sharondippity Dismember
    VIP Member
    113

    I made you a cupcake but I ated it :)
     
  16. trialnerror

    trialnerror Well-Known Member
    16

    Sep 8, 2011
    59
    9
    16
    permanent vacation
    Lake Geneva, Wisconsin
    Thank you;

    To all involved in finding and fixing some evil person's attempt. :)
    I for one am very appreciative of this... and thanks again.
     
  17. chaz_uk

    chaz_uk Well-Known Member
    63

    qwertyuiop

    No one will guess mine! :D

    (Thanks for the warning)
     
  18. Crashumbc

    Crashumbc Well-Known Member
    223

    Apr 7, 2010
    1,810
    550
    223
    IT god
    B'more
    agreed, THIS IS HOW A BREACH SHOULD BE HANDLED !!!!


    It's really sad a "hobby/user forum" (no offense) can get it "right", but banks, online retailers, etc. fail so miserably.

    Thank you.
     
  19. Crashumbc

    Crashumbc Well-Known Member
    223

    Apr 7, 2010
    1,810
    550
    223
    IT god
    B'more

    Then the "security" fault lies with YOU, not AF...

    using the same password everywhere is beyond bad.

    I could see using the same password across forums, but e-mail? NEVER...

    Please review your security practices before complaining about others... (glass houses and all that stuff)
     
  20. Crashumbc

    Crashumbc Well-Known Member
    223

    Apr 7, 2010
    1,810
    550
    223
    IT god
    B'more
  21. trparky

    trparky Well-Known Member
    113

    I changed my password for this site, no issues at all. Luckily, this was one of the many sites that I've already converted the password over to a completely randomly generated password. The old password was 12 characters long, the new password is 16 characters long.

    It has been said before by some people that you shouldn't use the same password for every site that you use. I personally use a randomly generated password for about 75% of all web sites that I have accounts on and save these passwords in my Roboform data.
     
  22. thornev

    thornev Well-Known Member
    53

    Nov 20, 2011
    309
    98
    53
    Hudson Valley, NY
    Yeah, my band's web site hosted by 1&1 was attacked yesterday. Somehow they got into my main web page and altered it to call an install of a virus. Took me 2 hours to clean off my computer and remove the virus call.
     
  23. Crashumbc

    Crashumbc Well-Known Member
    223

    Apr 7, 2010
    1,810
    550
    223
    IT god
    B'more

    One Ring to rule them all, One Ring to find them, One Ring to bring them all, And in the darkness bind them

    :p
     
  24. Loota

    Loota Well-Known Member
    123

    Feb 3, 2012
    739
    487
    123
    Male
    Unemployed Medical Field Service Engineer
    Rockland, NY
    Thanks for being so forthcoming!
     
  25. Brandon Sheley

    26

    Jul 5, 2012
    8
    1
    26
    App dev
    Kansas
    I'm glad the exploit was secured.

    FYI... There is a GIANT difference between a vBulletin forum and the framework a bank or most online retailers run :rolleyes:
     
