Dodian Forums

Go Back   Dodian Forums > Site > News and Updates > Site

Reply
 
Thread Tools Display Modes
Old 05-19-2019   #1
Nozemi
Guest
 
Posts: n/a
Default Handful of Accounts are Breached

The breach was from a leaked database! as we've mentioned multiple times. Don't reuse your passwords. The databases for RSPS projects are commonly leaked or even released. If you've reused your password, we highly recommend changing it asap!

--------------------

I'm highly recommending everyone to use complex passwords! We have just had an incident where someone have gained access to a handful of accounts. If yours is one of the, contact me on Discord, and we'll sort this out.

My theory so far is that someone bruteforced (basically a piece of software designed to try passwords until one is a match) random accounts. Doesn't look like any admin accounts have been affected by this.

I will get this cleaned up, and I also have a theory on where this occurred. I added a temporary fix to prevent this from happening again, but I'm not sure if that was the source for the breach(es).
  Reply With Quote
Old 05-19-2019   #2
Jabast
Moderator
 
Join Date: Jan 2018
Location: Belgium
Posts: 99
Default

Good thing you're on this, hope we can resolve this asap.
Jabast is offline   Reply With Quote
Old 05-19-2019   #3
K B D K0
Registered Member
 
Join Date: Feb 2019
Posts: 7
Default

Can't post anywhere only here, not even allowed to view the portal.
K B D K0 is offline   Reply With Quote
Old 05-19-2019   #4
Nozemi
Guest
 
Posts: n/a
Default

Quote:
Originally Posted by K B D K0 View Post
Can't post anywhere only here, not even allowed to view the portal.
Should now be sorted!
  Reply With Quote
Old 05-19-2019   #5
Nozemi
Guest
 
Posts: n/a
Default

Quote:
Originally Posted by Jabast View Post
Good thing you're on this, hope we can resolve this asap.
It's a bit of work, so hopefully we'll have this cleaned up within the next 12 hours, for everyone
  Reply With Quote
Old 05-19-2019   #6
Kreepy
Registered Member
 
Join Date: Feb 2019
Posts: 19
Default

Sadly this happens from time to time. Glad to see more security added.
Kreepy is offline   Reply With Quote
Old 05-24-2019   #7
Conscio
Premium
 
Join Date: Feb 2019
Posts: 8
Default

Who leaked?
Conscio is offline   Reply With Quote
Old 05-25-2019   #8
Nozemi
Guest
 
Posts: n/a
Default

Quote:
Originally Posted by Conscio View Post
Who leaked?
What do you mean who leaked? Databases for previous projects are leaked all the time. Sometimes databases are hacked as well. It's quite common, not only in RSPS scene, but generally.

So if you're trying to find someone to blame, well... The only people to blame are those who use weak or compromised passwords.
  Reply With Quote
Old 05-26-2019   #9
Conscio
Premium
 
Join Date: Feb 2019
Posts: 8
Default

Quote:
Originally Posted by Nozemi View Post
What do you mean who leaked? Databases for previous projects are leaked all the time. Sometimes databases are hacked as well. It's quite common, not only in RSPS scene, but generally.

So if you're trying to find someone to blame, well... The only people to blame are those who use weak or compromised passwords.
Oh, we have a misunderstanding. In your post you didn't imply that the leak was from long ago, it read to me that this leak was recent.

I asked who leaked so that I know who not to give administrative privileges in the future.
Conscio is offline   Reply With Quote
Old 05-26-2019   #10
Nozemi
Guest
 
Posts: n/a
Default

Quote:
Originally Posted by Conscio View Post
Oh, we have a misunderstanding. In your post you didn't imply that the leak was from long ago, it read to me that this leak was recent.

I asked who leaked so that I know who not to give administrative privileges in the future.
Oh, my bad I guess. Either way, to my knowledge, the current database has not been leaked. I seriously doubt anyone on the staff team would ever leak a database while project is live.

When a project is dead, and server is offline, the files are sometimes shared with people. Which means people might also get their hands on a copy of a previous database.

Personally, if I were to release files, I would remove any information that is sensitive enough (emails, passwords, IPs etc)
  Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 05:46 PM.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.