[READ ME] DB Intercepted Primeforums

[αяυη]

This is a warning to anyone who has/had an account on Primeforums. If you use the same password for ForumKorner, I'd suggest you change it.
Around a week ago, one of our Admins got hacked (skype) which had the details for the login to our admin panel. He gained access to the admin panel and downloaded a copy of the database it seems.
Due to me being in a different time zone, I had only just got on and once I had realised what was going on I tried to stop the person who had access, but it was too late.
I am sorry this has happened, and it was a part of my own naivety. If you used the same password for Primeforums or the email registered, I'd advise you change it asap. 
I am not the type of person to keep this quiet, so thought it was best you guys knew about it.
Also be aware that I managed to speak to the hacker and they are targeting other forums. 
I have since made it so you cannot download a copy of the DB from the myBB admin panel (dumb feature anyway), so this won't happen again. 
Anyhow, sorry guys.
Before anyone starts hating on me, there wasn't much I could do about it.

 

[Random]

Ohhnoes. another forum run by a member's db has been dropped. It's almost like there's a trend. ;p

 

[αяυη]

Ohhnoes. another forum run by a member's db has been dropped. It's almost like there's a trend. ;p

Yeah it sucks man.. This is why I am sceptical of giving anyone Admin apart from myself.
Didn't even know you could remove the option of DB backup in the panel either. 

 

[Random]

Yeah it sucks man.. This is why I am sceptical of giving anyone Admin apart from myself.
Didn't even know you could remove the option of DB backup in the panel either. 

That's why I don't join other forums, and when I do.. I use a completely different alias and don't say who I am ;p

 

[αяυη]

That's why I don't join other forums, and when I do.. I use a completely different alias and don't say who I am ;p

Good idea tbh.
Anyone else who owns a forum I'd suggest removing the database backup option from the admin panel if you haven't already.

 

[Darth Vader]

I have a strong feeling I know who did this. Also, thank you for informing us instead of keeping quiet. I have different passwords for everything I own so I should be okay. Again, thank you for informing us.

 

[αяυη]

I have a strong feeling I know who did this. Also, thank you for informing us instead of keeping quiet. I have different passwords for everything I own so I should be okay. Again, thank you for informing us.

If it helps anyone, I believe the alias they used was "Sp00knshade"

 

[Interested]

If it helps anyone, I believe the alias they used was "Sp00knshade"

Shade FK did this.

He did it before I heard from someone. It will be impossible to stop him.

 

[αяυη]

Bumping this incase people haven't seen it.

 

[Hug-]

wtf? I remove the database backup feature in EVERY FORUM I can.


And I replace it with this:

<img src="http://i.imgur.com/JBP8DSI.png">
<img src="http://i.imgur.com/rTAe3m4.png">
<img src="http://i.imgur.com/wNqK5oG.png">
<img src="http://i.imgur.com/joFfM6D.png">
<img src="http://i.imgur.com/6lMaN0E.png">
<img src="http://i.imgur.com/whvCwKf.png">
<img src="http://i.imgur.com/V9jNuKb.png">
<img src="http://i.imgur.com/USg7yxk.png">
<img src="http://i.imgur.com/96pC506.png">
<img src="http://i.imgur.com/jYX6vc3.png">

 

[Fedora]

Is thsi why I was forced a password change?
Oh well,Luckily I use keyboard spam for my passwords.
Also do you know what info they got?Emails,IPs,Passwors,etc?

 

[Matigo]

This only can happen if you have any kind of vulnerabilities. Before you make a forum public, make sure there is no way to attack/harm the forum as a user perspective. @Hobbs I recommend get good staff that actually know what they are doing.

 

[Hug-]

Is thsi why I was forced a password change?
Oh well,Luckily I use keyboard spam for my passwords.
Also do you know what info they got?Emails,IPs,Passwors,etc?

He got the entire database *

as in all the users, all the posts, ect ect

---

This only can happen if you have any kind of vulnerabilities. Before you make a forum public, make sure there is no way to attack/harm the forum as a user perspective. @Hobbs I recommend get good staff that actually know what they are doing.

Thats not how he hacked le forum. It was a admin/whatever of prime forums fault for getting hacked

 

[Cybering]

@Hobbs delete my account I don't have access and I never use PF

 

[αяυη]

Is thsi why I was forced a password change?
Oh well,Luckily I use keyboard spam for my passwords.
Also do you know what info they got?Emails,IPs,Passwors,etc?

Seemingly all data such as username, password, email. You were asked to change it as a precaution, I have only recently found out about this which is why I made his thread.

This only can happen if you have any kind of vulnerabilities. Before you make a forum public, make sure there is no way to attack/harm the forum as a user perspective. @Hobbs I recommend get good staff that actually know what they are doing.

It wasn't the fault of security, moreso carelessness from an Admin. He got hacked. Anyhow, I am not giving admin to anyone again. I've also removed the download database function.

@Hobbs delete my account I don't have access and I never use PF

We don't delete accounts, I'll ban you.
You are also the idiot who posted there saying "Hobbs you are an idiot, why post this you are giving PF a bad name". Well, I'm not a fucktard who lies to people, that's why.

 

[Cybering]

Seemingly all data such as username, password, email. You were asked to change it as a precaution, I have only recently found out about this which is why I made his thread.

It wasn't the fault of security, moreso carelessness from an Admin. He got hacked. Anyhow, I am not giving admin to anyone again. I've also removed the download database function.


We don't delete accounts, I'll ban you.
You are also the idiot who posted there saying "Hobbs you are an idiot, why post this you are giving PF a bad name". Well, I'm not a fucktard who lies to people, that's why.

Uhm please link me to where I posted that????

 

[αяυη]

Uhm please link me to where I posted that????

I presume you are also Pimp on PF, seeing as you have my award here.
You said:

[font=Lato, Verdana, Arial, sans-serif]"lol your an idiot hobbs its not leaked anywhere you are only making your forum look bad by making it such a big deal"[/font]

 

[Cybering]

I presume you are also Pimp on PF, seeing as you have my award here.
You said:

[font=Lato, Verdana, Arial, sans-serif]"lol your an idiot hobbs its not leaked anywhere you are only making your forum look bad by making it such a big deal"[/font]

That wasn't me and @Lyrics can say that too, I barely to never use PF therefore that account is compromised

 

[αяυη]

That wasn't me and @Lyrics can say that too, I barely to never use PF therefore that account is compromised

Weird, the person wasn't active other than to say that lol.
Anyhow, banned upon your request.

 

[Cybering]

Weird, the person wasn't active other than to say that lol.
Anyhow, banned upon your request.

Np sorry for the misunderstanding