Discussion in 'Site Updates & Announcements' started by Phases, Jul 10, 2012.
I know who the culprit is!!!
The "Butler" done it!
Thanks for the notice change Vic, much better.
thanks guys for the notice, as well as the prompt action to the situation. and just thanks to everyone else to who has made this a very helpful, and informative forum.
Far more obvious, good job Tvic, now get some sleep, you probably haven't had any in the last few days.
+1 to the updated Banner.
They are back.. Thanks
Well that escalated quickly.. lol
Great job mods and thanks to all that are on the digital frontline for us.
I love it when you talk "technical".
Its gonna be a long night. XD
I shall change my passwords as soon. As possible. Thank you AF. For letting us know what was going on.
Now, to panic in an ordinarily fashion.
Guess I should be glad I used a throwaway email when I registered long ago. (well, one I use for signups but don't mind trashing should the need arise, so semi-disposable.)
Ehh Now Im going to have to change some of my passwords on a few sites, going to start using random generated passwords (Generated by me ) for every site now.
Thank you for letting the users know. I would start digging throug the logs. It might take quite some time but would make it worth-while seeing the hackers charged with criminal online activities in the long run! Don't spare your efforts as it could pay off later. Thank you one more time for letting us know and good luck!
EDIT: Sorry for the false report fellas. Looks like the it may have came from my phone. Looks like that 9 page report I was writing for school when all this happened must have fried my brain.
Evidently the last email I received after disconnecting Tapatalk was delayed and WAS from the Tapatalk app. Thanks for removing the IP address. I do appreciate it.
Is your phone from the LA area? I live in a town in northern CA but when I got my phone I lived in another town in northern CA previously. I googled the ip address in the email and it was showing the ip address was from my previous town. But then I realized it was my phone and when I changed my password on the Phandroid app I stopped getting the login failed email.
Thank you for the heads up. It's not something a website wants to admit but the respect of your users is obvious by telling everyone that to take and wait-and-see approach to hide the embarrassment. (Not that you guys did anything wrong just that fact it happened to you.)
I went ahead and checked again and it seems that the last email I received was because of the Tapatalk app even though I had wiped the data. The email was delayed evidently. Sooooo my dumbass posted a false report. I'm sitting here shaking my head right now because it didn't even cross my mind to check my phones IP address since I had cleared the data from Tapatalk.
Thanks for pointing that out.
I need a break! This school work is frying my brain. lol :banghead:
SORRY FOR THE FALSE ALARM, PEOPLE.
No worries wetbiker7, better safe than sorry.
Best luck in school!
Thanks Early, I appreciate it.
I love this site and how fast it response ^_^
Thanks to all the mods and administors on solving this issue!
hmmm dunno why people are posting thx tbh email account I use here is almost junk free or it was, how the hell did that happen..... and how can you guarantee it won't happen again...?
EDIT: take it our usernames and IP address's and profiles were compromised too?? PM's maybe too ?
Seriously considering getting the owner to delete me from the SQL DB as I'm a member of a few forums "a couple I could understand hackers having a pop at" and its the first time this has ever happen to be since the BBS days pre-forums....
Tell that to the FBI, they're currently trying to imprison a British Citizen for the crime of finding out if he could hack into their servers by actually doing it. If they're fallible, then there's no hope for anyone.
Responsibility for security ALWAYS lies with the user AND the provider.
Personally I was forced to set up a more clever password system after my "usual" password got hacked on eBay (no real harm done) and I still used that password for all web forums up until yesterday (since there's little real damage anyone can do by posting as me). Thankfully, I have LastPass, so I have a handy list of which forums I haven't changed the password yet. There's no way I could remember hundreds of passwords,so a system is the only possibility.
In my case I use passW0rd%X where X is the first letter of the site I'm on. It's hardly uncrackable, unlike my Wifi password which is a 52-character string, but it'll stop casual hackers.
Still won't change my password
I assure you this most certainly isn't the first time this has happened since the BBS days, it happens all the time. Most places never tell the users about intrusions.
In fact, I'd bet most mid-moderately successful sites don't even know it happens to them. The hackers/spiders don't leave thank you notes behind (most the time ). You have to have some pretty keen eyes and/or software to spot the clues sometimes.
Deleting your account won't make any difference at this point. Even so, no one can do anything (at least here) with a regular user account that can't be reversed. However, if you would like your account deleted, let me know.
A very well written and transparent post, Phases. Thanks go out to you and the rest of the team for your diligence on this issue.
The rapid response and quick updates on the status are much appreciated. Thanks again.