Tweet
is there a user password breach in vbulletin 3.8x ?? (hacker alert)
is there a user password breach in vbulletin 3.8x ??
one of the BIG sites i go to that uses vb 3.8.4 a few days ago had a "breach", long story short all users got an email (plus forum notice) to change their passwords. ok maybe an isolated incident. (even eva2000 is a mod there and long time user.)
today another forum using vb, specifically codemasters, sent a similar email.
then another site using vb told it's users the same thing. all use vb forums.
what is going on ?
has vb 3.8x been breached ??? should i force a password change for my users ? (small board), shut down for a few days ? anything ?
(had a quick look in announcements and this forum, and found nothing about this. if a post already exists merge or close....)
concerned user,
thanks
i attach the codemasters email since it's generic.
one of the BIG sites i go to that uses vb 3.8.4 a few days ago had a "breach", long story short all users got an email (plus forum notice) to change their passwords. ok maybe an isolated incident. (even eva2000 is a mod there and long time user.)
today another forum using vb, specifically codemasters, sent a similar email.
then another site using vb told it's users the same thing. all use vb forums.
what is going on ?
has vb 3.8x been breached ??? should i force a password change for my users ? (small board), shut down for a few days ? anything ?
(had a quick look in announcements and this forum, and found nothing about this. if a post already exists merge or close....)
concerned user,
thanks
i attach the codemasters email since it's generic.
Codemasters Forum Security Update
Dear Codemasters forum member,
Codemasters Online take every step to ensure your accounts are as secure as possible. Unfortunately, it has come to our attention that in the last few days the Codemasters forums were subjected to a hacking attempt which may have compromised account security.
Please pay particular attention to emails you may receive that claim to be from Codemasters and remember that Codemasters will NEVER ask for your passwords or account details. Should you receive any suspicious looking emails, do NOT click any links in them. Please forward any of these emails to [email protected] so that we can deal with them immediately.
Although your CodeM password is not stored on the forums, to increase account security we urge you to immediately update your CodeM password by logging in at www.codemasters.com/codem.
Things you can do to protect your account and your identity
We would like to take this opportunity to share some tips and tricks with you to help you increase your own security. Taking responsibility for your own account security is important and not difficult to do, every precaution you take is one further defence against such attacks
Giving out personal details
Codemasters do not have access to your password and will never ask you for it, so never give it out to anyone.
Never share your account. The sharing of account details is strictly against our terms of service. We cannot be held responsible for anything that results from doing this.
If you suspect your account has been tampered with, you must notify Codemasters immediately
Suspicious e-mails
Some "phishing" scams use e-mail addresses that look very similar to ours but are not correct, for example [email protected]. As you can see, that e-mail address looks real however on closer inspection you can see codemasters is spelled incorrectly.
How to create secure passwords
When creating your passwords, try to use a combination of letters of mixed case and numbers and make the password of at least 8 characters in length. This will make it much more difficult for hackers to guess your password.
Generally if the password is in the dictionary, it will be discovered in a very short period of time.
This Password Strength Checker can give you a visual idea of how strong your password is http://www.microsoft.com/protect/fraud/passwords/checker.aspx
Finally, we would like to remind you of a useful thread in our forums offering additional advice and information that can help to protect your personal data.
Dear Codemasters forum member,
Codemasters Online take every step to ensure your accounts are as secure as possible. Unfortunately, it has come to our attention that in the last few days the Codemasters forums were subjected to a hacking attempt which may have compromised account security.
Please pay particular attention to emails you may receive that claim to be from Codemasters and remember that Codemasters will NEVER ask for your passwords or account details. Should you receive any suspicious looking emails, do NOT click any links in them. Please forward any of these emails to [email protected] so that we can deal with them immediately.
Although your CodeM password is not stored on the forums, to increase account security we urge you to immediately update your CodeM password by logging in at www.codemasters.com/codem.
Things you can do to protect your account and your identity
We would like to take this opportunity to share some tips and tricks with you to help you increase your own security. Taking responsibility for your own account security is important and not difficult to do, every precaution you take is one further defence against such attacks
Giving out personal details
Codemasters do not have access to your password and will never ask you for it, so never give it out to anyone.
Never share your account. The sharing of account details is strictly against our terms of service. We cannot be held responsible for anything that results from doing this.
If you suspect your account has been tampered with, you must notify Codemasters immediately
Suspicious e-mails
Some "phishing" scams use e-mail addresses that look very similar to ours but are not correct, for example [email protected]. As you can see, that e-mail address looks real however on closer inspection you can see codemasters is spelled incorrectly.
How to create secure passwords
When creating your passwords, try to use a combination of letters of mixed case and numbers and make the password of at least 8 characters in length. This will make it much more difficult for hackers to guess your password.
Generally if the password is in the dictionary, it will be discovered in a very short period of time.
This Password Strength Checker can give you a visual idea of how strong your password is http://www.microsoft.com/protect/fraud/passwords/checker.aspx
Finally, we would like to remind you of a useful thread in our forums offering additional advice and information that can help to protect your personal data.
Comment