Forum possibly breached

[Uffe]

Hey guys,

I just received a scam email quoting the address and password I'd used for this forum (though not the forum itself).
It might be a good idea to reset your passwords.

/Uffe

[Eve]

I assume you're using a unique password for this forum? No chance of any malware on your system?

From what I can read online passwords here are stored as a salted hash, that's something at least.

[Paolo F Cantoni]

I assume you're using a unique password for this forum? No chance of any malware on your system?

From what I can read online passwords here are stored as a salted hash, that's something at least.

I think Uffe's point is that he was provided with the password in PLAIN TEXT - intimating the hack had worked!  I've received similar emails, though not I suspect from this forum.  Fortunately, the passwords were some 20 years old and no longer used.

Paolo

[Eve]

Yes, that was my understanding of what I read. All that means is that someone has gained access to Uffe's password. It doesn't say why. If that password is only used here, that limits the possible locations of the breach to his computer and our server.

I don't have any visibility on the server, and wouldn't know what kind of things to check for even if I did.

[Uffe]

Hi again,


As far as I can remember this was a unique password but it was very old so I can't say for absolute certain. I did have it stored in my browser's password manager, and I do log in "forever" which I assume means there's something stored in a cookie, but my malware scans haven't turned up anything.

Of course, if the data was stolen from the forum it could be that that happened years ago and it's only recently that someone's got around to brute-forcing the passwords.

But it's probably worth it to check the logs for any recent suspicious activity, and for users to change their passwords.


/Uffe

[AndyJ]

Hmm...

Changed my password, can't hurt...