question about the "Breach"

[sao123]

With respect to the security breach:

http://forums.anandtech.com/announcement.php?f=14&a=67

In the process, anyone who was logged in and accessed the forums during this period had their stored PMs accessed by this script. In addition, any user who manually logged in had their user name and password accessed (141 total users).

Is this speaking of only those who manually logged in (by typing in your userid and password... and not seemingly inclusive of those who accessed the forums, via a cached credentials (save my login via cookie)?

 

[ViRGE]

That is correct. Users who were already logged in did not have their passwords taken, just their PMs.

 

[Number1]

This was the "Test Announcement"?

I did click it, what are the consequences?

 

[ViRGE]

This was the "Test Announcement"?

I did click it, what are the consequences?

You're not on the list of compromised accounts that we recovered, so it doesn't look like your password was taken. However it's reasonable to assume your PMs were copied off to the remote server.

 

[dmcowen674]

You're not on the list of compromised accounts that we recovered, so it doesn't look like your password was taken. However it's reasonable to assume your PMs were copied off to the remote server.

I wasn't logged in or clicked on anything but when I tried to log in my old password no longer worked. Perk has since fixed it but I was wondering if I was on that list of the 141?

I hadn't logged in since around April because I thought I was perma banned then.

 

[ViRGE]

You were on the list, Dave.

 

[taq8ojh]

Didn't exactly the same thing happen over at Guru3D?

 

[ControlD]

I was wondering why my password stopped working yesterday. I guess I know now.

 

[SOFTengCOMPelec]

It seems I was one of the 141. I just managed to get it sorted out, now.

 

[pcslookout]

I told everyone there was a breach but no one believed me before.

 

[ViRGE]

I told everyone there was a breach but no one believed me before.

This happened yesterday. So unless you told someone between 8:30am and 10:40am ET, you're barking up the wrong tree.

 

[pcslookout]

I wasn't logged in or clicked on anything but when I tried to log in my old password no longer worked. Perk has since fixed it but I was wondering if I was on that list of the 141?

I hadn't logged in since around April because I thought I was perma banned then.

Why were you perma banned ?

 

[sao123]

You know... i believe I had seen a "test announcement" at the top of the screen at least 3 times over the past few weeks. Never thought anything about it until today.

This may go deeper than just yesterday when it was seen.

 

[taq8ojh]

I actually have the same impression too. I think there was _something_ I noticed a few times but never payed any attention at all.

 

[Meghan54]

I was wondering why my password stopped working yesterday. I guess I know now.

You're not the only one. Glad it was sorted out, tho.

 

[pcslookout]

You know... i believe I had seen a "test announcement" at the top of the screen at least 3 times over the past few weeks. Never thought anything about it until today.

This may go deeper than just yesterday when it was seen.

I actually have the same impression too. I think there was _something_ I noticed a few times but never payed any attention at all.

Thank you finally people that confirm it for me. I told people about the breach way before hand.

 

[taq8ojh]

Hey, I don't know for sure. I might very well be wrong. It's just an impression...

 

[SOFTengCOMPelec]

Thank you finally people that confirm it for me. I told people about the breach way before hand.

I definitely looked at the mod message (not the Anand one reporting the hacking), the one BEFORE the hacking.
So presumably that message I read WAS the hacking.

ALSO, how do you come back as a GHOST ?

E.g. Example of a forum GHOST

 

[Braznor]

Was my account compromised?

Can anyone help me?

I haven't manually logged in for quite sometime now I think. 😕

 

[Soundmanred]

Was my account compromised?

Can anyone help me?

I haven't manually logged in for quite sometime now I think. 😕

You were at the end of the list so you're ok.
There were supposed to be 150, but time ran out.

 

[Braznor]

You were at the end of the list so you're ok.
There were supposed to be 150, but time ran out.

Why should I trust you?

Mr Google Employee said you were the hacker. :biggrin:

 

[mmntech]

Never noticed the announcement but a little worrying PMs got grabbed. I'm actually surprised this doesn't happen more often on tech forums. Must be a good security team.

 

[DrPizza]

If any of you use the same password here as you do for other important things (like banking accounts, etc.), you'd be well advised to change those passwords, pronto!

 

[sao123]

This happened yesterday. So unless you told someone between 8:30am and 10:40am ET, you're barking up the wrong tree.

Its happened before ViRGE... Ive seen it at least 3 times over the last few weeks.

I actually have the same impression too. I think there was _something_ I noticed a few times but never payed any attention at all.

I remember this as well.

 

[gothamhunter]

Its happened before ViRGE... Ive seen it at least 3 times over the last few weeks.




I remember this as well.

Ditto.