Rekomenderar er att byta lösenord på alliedmods.net om ni är medlemmar där samt byta lösenord på andra sajter där ni använt samma lösenord.
06-11-14 until 07-12-14
This week we discovered a data breach that affects all our registered users.
On June 7th we discovered some anomalous files on our webserver, and began investigating where they came from. From what we can tell, on March 16th, an administrator's account was accessed by an unidentified attacker. The attacker used an obscure feature in the forum control panel to upload arbitrary code to our webserver. Then, the attacker downloaded a portion of the forum database. The breached data contained three pieces of information:
* Account names
* E-mail addresses
* Hashed passwords
* Last login IP address
Unfortunately our forum software (vBulletin) used a password hashing scheme that is considered insecure by modern standards. We are therefore recommending that all our users change their passwords as soon as possible. If your AlliedModders password was used on other services, we recommend that you change your password on those services as well.
We do not believe the attacker compromised our systems in a way that would expose private messages, plaintext passwords, real names, or otherwise intercept private traffic. We also believe the March 16th incident was isolated in nature. Nonetheless, it is serious enough to warrant immediate action.
We are deeply apologetic for this incident - it's a black mark on what had been a perfect track record for over ten years. As a result we've attempted to identify and address each of the weaknesses that contributed to this attack. In particular:
* We have modified vBulletin to use more secure password hashing (bcrypt, instead of md5).
* We are now restricting the privileges of all administrator accounts.
* We have restricted vBulletin's file system privileges and added intrusion detection.
Again, we apologize for the inconvenience. If you have any questions, please contact us at firstname.lastname@example.org.