Jump to content
Sign in to follow this  
Wazoo

account data possibly compromised

Recommended Posts

As much as it pains me to do this, preferable to the alternative. I will start that I'm more than a bit peeved at the IPB staff that did know of "yet another recent exploit" but chose to not allow any of the IPB Forum application software users to know about it until releasing a "minor update" 2.1.7 version of this application.

The catch is that the release of this version was two days after the successful hack 'here' .... I caught the *&^%$ in action, took the server down ... blew about a day and a half trying to sort through logs, code, etc. to figure out the how and what, started working on a 'fresh' install of yet another 2.1.6 version only to be surprised part way through 'day 2' to see the 2.1.7 release ... so had to start all over with that download and install (and in all honesty, I'm still not back to where I'd like to be on changing some of the default settings/configurations, but ... that's not the issue here ....)

Based on the data I had, I was going that only my account data had been pulled down. However, another Forum user contacted me about some "new" spam. A post today about another IPB Forum included the suggestion that user data there had been snagged and was obvioulsy passed on to one of the more horrific spammers. I had just posted / replied to a PM talking about just receiving seven "similar" spams .... got a "new e-mail" indication .. checked that out .... 15 more of the same/similar "resume" spam, but .... one of those was to an account that had only been used on this Forum as a test account ....

Therefore, I can't help but make the declaration that the account data here has (possibly) been compromised and e-mail addresses are "out there" .. apologies won't make a bit of a difference, though I'll offer one ... but I'm sure anyone that's been around for more than a day or two knows that there can be no one more upset than I at this situation.

Share this post


Link to post
Share on other sites

Ahh, that explains it. Started getting the "resume" spams a couple days ago. They were new to me, hadn't ever gotten those particular spams before. Oh well, more stuff to feed the SCBL I guess if nothing else. Guess I'll be a little more agressive dealing with these spams than normal seeing as the address was attained by hacking. Time to do some more detailed manual reporting ;)

Share this post


Link to post
Share on other sites

On the other hand, I have had no additional or "new line" spam to my registered address. I have had a new line hit a forwarding address which was switched from being my registered address more than 12 months ago (so, assume no connection with the hack). This relayed to Wazoo by PM earlier. Some IPB-powered forums seem to be deep in denial at the public level. Appreciation that this is not one of them but, adding my tuppence-worth, nothing yet seen as a result of the SC Forum hack. Of course my ISP might just be filtering hard. Or the harvesting may have been incomplete. Or it might have been stopped in time. Thanks Wazoo, but please don't take this as "justification" for a [personal] 24/7 watch.

We are all a little jumpy, no harm in assuming the worst but the evidence is less than conclusive from my viewpoint.

Edited by Farelf

Share this post


Link to post
Share on other sites
Sign in to follow this  

×