1. Are you ready for the Galaxy S20? Here is everything we know so far!
Thread Status:
Not open for further replies.

Important Notice - Security Breach

Discussion in 'Site Updates & Announcements' started by Phases, Jul 10, 2012.

  1. Crashumbc

    Crashumbc Android Expert

    most definitely, banks, online retailers have much MORE at stake and should MORE forthcoming and faster to notify their users because the risk is greater...

    if a vBulletin site can start notifying user within a couple hours, a bank should be doing it with an hour of confirming their systems were compromised and information lost.

  2. 2momo123

    2momo123 Lurker

    Thanks for the info, may I ask if the passwords are hashed and/or salted?
  3. Unforgiven

    Unforgiven ...eschew obfuscation...

    both, the admin posted about it earlier in the thread somewhere.
  4. dstuttgen

    dstuttgen Lurker

    I changed my password yesterday. This morning I had 37 failed attempts at log-on and it says it is coming from my IP. What give?

    Cheers, Dan
  5. Unforgiven

    Unforgiven ...eschew obfuscation...

    You need to reset the password on any apps that access the forums (Tapatalk, Forum Runner, official Phandroid app) as they will continue pinging the site to check for any push notifictions. The same thing happened to me.
  6. dstuttgen

    dstuttgen Lurker

    Yup, figured that out after I posted. I needed to re-log in on my galaxy S. All better now. Thanks for the shout-back!

    Cheers, Dan
  7. 76ford90lx

    76ford90lx Guest

    I do think a mass email would have been a good idea. Sometimes I dont have the time to log on for days or even a week or more.

    Besides that great job on cleaning up the mess guys :)
    colchiro likes this.
  8. Lks Lks

    Lks Lks Well-Known Member

    I also have some issue before.for a couple of a minute I logout my profile,l found some one already login with a name don't remember the name.then I logout his profile.its seems very strange.

    but my profile is always secure because of good great amazing security and great people hard work to secure Android forum thanks a lot..:)
  9. Unforgiven

    Unforgiven ...eschew obfuscation...

    This is a known issue i believe. I don't think you are logged in as someone else, just their name is displayed.
  10. Lks Lks

    Lks Lks Well-Known Member

    ya may be just their name displayed.
  11. JosephHopkins

    JosephHopkins Lurker

    Good job guys.. fast work!!
  12. joey3002

    joey3002 Guest

    How can I delete my account?
  13. Unforgiven

    Unforgiven ...eschew obfuscation...

    PM Phases, but can I ask why?
  14. joey3002

    joey3002 Guest

    1. I dont use the site..
    2. One less site to worry about..

    I think its time I start cleaning up the sites I am a member of. Nothing against the site here.. Just if I do not use a site, why continue to be a member.
  15. Unforgiven

    Unforgiven ...eschew obfuscation...

    Fair enough. While I left my account nearly dormant for 18 months, when I did have a need it was nice to have it still around. I wish you luck in the future and would hate to see you go.
  16. dautley

    dautley Android Expert

    To the Rob, Phases, and staff of Phandroid (Android Forums),
    Good job in being so forthcoming with information as soon as it was discovered the site had been attacked, allowing your members to change their passwords and minimize any potential damage to ourselves both here and any other site where we might use the same user name/password combination.
    With that in mind I would just like to remind others users who may be upset that their info MAY have been accessed that many attacks on Government, Military, Financial, and Privet sites (that we may never hear about) take place every day. Examples of this are China was able to access DoD servers @ Los Alamos and steal advanced nuclear warhead designs, the cyber-attacks on Iran, and it seems almost monthly we here about some credit card progressing company being hit months after the fact.
    This is the nature of the internet and there is nothing a website or company can do to prevent an attack from happening in the first place.
    What they can do is invest in good firewalls and monitoring software so they know when such attacks occur and notify users so they can take any actions we need to. This is exactly what AndroidForums/Neverstill Media did, so to all the staff involved, Thank You again! :)
    trparky and jmar like this.
  17. geeknik

    geeknik Lurker

    Eh, let 'em have my password. Thanks to LastPass, it was a randomly generated password not in use on any other of my accounts. I've updated it with another randomly generated password unique to this account. =)
  18. CuBz

    CuBz Android Expert

    I had an email saying someone had tried accessing my account, but from my IP. My IP changes every few hours, so it seems very very fishy.
  19. Unforgiven

    Unforgiven ...eschew obfuscation...

    You need to reset your password in any app on your devices that connects to Android Forums (Tapatalk, Forum Runner, or the AF app itself) as they will try and connect to the site for push notifications.
    PyroSporker likes this.
  20. droidsix

    droidsix Lurker

    Thanks to All... I am very impressed with your speed and professionalism.

    I have done what I need to, and have no concerns. Thanks Again :) :) :)
  21. CuBz

    CuBz Android Expert

    Ah yes, the Phandroid app... silly me :stupid:

    P.S. Does this forum support Tapatalk now? :rolleyes:
  22. Unforgiven

    Unforgiven ...eschew obfuscation...

    No worries, I did the same exact thing.:rolleyes:
  23. PyroSporker

    PyroSporker Android Expert

    This ought to be added to the first post in red so it doesn't have to be re-posted as many times. ;)
  24. Unforgiven

    Unforgiven ...eschew obfuscation...

    I've already asked for that.
  25. Kaldek

    Kaldek Lurker

    I'm interested in whether the password hashes were salted. I'll feel better knowing they were salted.

Share This Page