Page 1 of 1

Our user data has been stolen

Posted: Sat Dec 29, 2018 10:13 am
by cal
I am still investigating, but it appears our user database has been stolen.

The database does not contain much of interest - essentially your email address and a coded password. The password should not be readable.

I know the system was attacked by hackers in mid 2017, though at the time it just looked like a failed attempt that ultimately crashed the system.

I suspect the data was stolen then, though by definition we might have been hacked more recently and not be aware of it.

(1) You may receive a "I have your password" spam message asking for money - ignore it.

(2) You may want to change your passwords if you share them with this site - standard practice now is to keep a different password on every site.

When I find out more, I will post further notices here.

Re: Our user data has been stolen

Posted: Sun Dec 30, 2018 9:27 am
by Henri De Ceredigion
cal wrote:I am still investigating, but it appears our user database has been stolen.

The database does not contain much of interest - essentially your email address and a coded password. The password should not be readable.

I know the system was attacked by hackers in mid 2017, though at the time it just looked like a failed attempt that ultimately crashed the system.

I suspect the data was stolen then, though by definition we might have been hacked more recently and not be aware of it.

(1) You may receive a "I have your password" spam message asking for money - ignore it.

(2) You may want to change your passwords if you share them with this site - standard practice now is to keep a different password on every site.

When I find out more, I will post further notices here.


Thank you for your due dilgernece, but considering what we talk about, there is no financial information attached to our profiles and the forums have been (as discussed in other postings) slow, I don't think we have anything untoward to worry about.

Re: Our user data has been stolen

Posted: Sun Dec 30, 2018 11:45 am
by PaulMurphy
If you believe a hashed password is not readable, therein lies part of the problem. There are lookup tables for most hashes which will reveal passwords of 10 characters or less in milliseconds. Colin's original post made it clear that the password was quoted back to him.

It is time to turn off the lights, close the shutters, and get the bulldozers in. Sad given the long history and usefulness of this forum over the years, but in all honesty it is better to go out with a very small and hardly noticeable bang than with a whimper. The forum has been in terminal decline since the great Campfire schism of 2009/2010. The time has come. Save yourself the hosting fees, return any ad payments already made for 2019 (though in reality who pays to advertise to nobody?), wave goodbye and maybe organise a wake, and then pull the plug.

Re: Our user data has been stolen

Posted: Mon Dec 31, 2018 10:53 am
by 40/- freeholder
There's been a slight increase in spam getting through the filters on my email but nothing that isn't blindingly obvious and instantly deleted.
If Paul Murphy is so keen on destroying this forum, would he care to recommend an alternative that does not involve Zuckerberg/ Facebook in any incarnation? The data breaches/abuses on those platforms are horrendous to read about. The attack on this site pales into insignificance.

Re: Our user data has been stolen

Posted: Mon Dec 31, 2018 11:18 am
by PaulMurphy
In all honesty, the easiest way to replicate this forum is to lock yourself in a soundproof room and then remain silent for a month. For the two contributors to the 4 word story, exchanging mobile numbers and sending a 4 word text message daily would do the job.

I tried to stir up the forum, and the tumbleweed was of awesome proportions. My resolution for 2019 is to stop visiting this forum in the perennial hope that it will be resurrected, and instead use the 30 seconds per day that it takes to confirm that there are no new posts in doing something more constructive.

Re: Our user data has been stolen

Posted: Fri Jan 04, 2019 9:31 am
by knirirr
40/- freeholder wrote:If Paul Murphy is so keen on destroying this forum, would he care to recommend an alternative that does not involve Zuckerberg/ Facebook in any incarnation?


That is also very much a concern of mine.

Re: Our user data has been stolen

Posted: Wed Jan 23, 2019 8:14 pm
by madjon
User data- most active topic- Victorian underpants! Or I talk a lot of pants, email address is already on so many spam lists, every now and then the spam mail changes when lists get passed around, I have different passwords for different sites and change them regularly as sop, there's not a lot on here for hackers to glean, so no worries, will go and post something and see what happens.