Jump to content

account data possibly compromised


Wazoo
 Share

Recommended Posts

As much as it pains me to do this, preferable to the alternative. I will start that I'm more than a bit peeved at the IPB staff that did know of "yet another recent exploit" but chose to not allow any of the IPB Forum application software users to know about it until releasing a "minor update" 2.1.7 version of this application.

The catch is that the release of this version was two days after the successful hack 'here' .... I caught the *&^%$ in action, took the server down ... blew about a day and a half trying to sort through logs, code, etc. to figure out the how and what, started working on a 'fresh' install of yet another 2.1.6 version only to be surprised part way through 'day 2' to see the 2.1.7 release ... so had to start all over with that download and install (and in all honesty, I'm still not back to where I'd like to be on changing some of the default settings/configurations, but ... that's not the issue here ....)

Based on the data I had, I was going that only my account data had been pulled down. However, another Forum user contacted me about some "new" spam. A post today about another IPB Forum included the suggestion that user data there had been snagged and was obvioulsy passed on to one of the more horrific spammers. I had just posted / replied to a PM talking about just receiving seven "similar" spams .... got a "new e-mail" indication .. checked that out .... 15 more of the same/similar "resume" spam, but .... one of those was to an account that had only been used on this Forum as a test account ....

Therefore, I can't help but make the declaration that the account data here has (possibly) been compromised and e-mail addresses are "out there" .. apologies won't make a bit of a difference, though I'll offer one ... but I'm sure anyone that's been around for more than a day or two knows that there can be no one more upset than I at this situation.

Link to comment
Share on other sites

Ahh, that explains it. Started getting the "resume" spams a couple days ago. They were new to me, hadn't ever gotten those particular spams before. Oh well, more stuff to feed the SCBL I guess if nothing else. Guess I'll be a little more agressive dealing with these spams than normal seeing as the address was attained by hacking. Time to do some more detailed manual reporting ;)

Link to comment
Share on other sites

On the other hand, I have had no additional or "new line" spam to my registered address. I have had a new line hit a forwarding address which was switched from being my registered address more than 12 months ago (so, assume no connection with the hack). This relayed to Wazoo by PM earlier. Some IPB-powered forums seem to be deep in denial at the public level. Appreciation that this is not one of them but, adding my tuppence-worth, nothing yet seen as a result of the SC Forum hack. Of course my ISP might just be filtering hard. Or the harvesting may have been incomplete. Or it might have been stopped in time. Thanks Wazoo, but please don't take this as "justification" for a [personal] 24/7 watch.

We are all a little jumpy, no harm in assuming the worst but the evidence is less than conclusive from my viewpoint.

Edited by Farelf
Link to comment
Share on other sites

 Share

×
×
  • Create New...