Dodian Forums

Dodian Forums (https://dodian.net/forums.php)
-   Site (https://dodian.net/forumdisplay.php?f=98)
-   -   Handful of Accounts are Breached (https://dodian.net/showthread.php?t=304)

Nozemi 05-19-2019 07:13 AM
Handful of Accounts are Breached
 
The breach was from a leaked database! as we've mentioned multiple times. Don't reuse your passwords. The databases for RSPS projects are commonly leaked or even released. If you've reused your password, we highly recommend changing it asap!

--------------------

I'm highly recommending everyone to use complex passwords! We have just had an incident where someone have gained access to a handful of accounts. If yours is one of the, contact me on Discord, and we'll sort this out.

My theory so far is that someone bruteforced (basically a piece of software designed to try passwords until one is a match) random accounts. Doesn't look like any admin accounts have been affected by this.

I will get this cleaned up, and I also have a theory on where this occurred. I added a temporary fix to prevent this from happening again, but I'm not sure if that was the source for the breach(es).

Jabast 05-19-2019 07:20 AM
Good thing you're on this, hope we can resolve this asap.

K B D K0 05-19-2019 07:55 AM
Can't post anywhere only here, not even allowed to view the portal.

Nozemi 05-19-2019 09:26 AM
Quote:
Originally Posted by K B D K0 (Post 1178)
Can't post anywhere only here, not even allowed to view the portal.
Should now be sorted!

Nozemi 05-19-2019 09:27 AM
Quote:
Originally Posted by Jabast (Post 1177)
Good thing you're on this, hope we can resolve this asap.
It's a bit of work, so hopefully we'll have this cleaned up within the next 12 hours, for everyone :)

Kreepy 05-19-2019 09:57 AM
Sadly this happens from time to time. Glad to see more security added.

Conscio 05-24-2019 07:32 PM
Who leaked?

Nozemi 05-25-2019 06:08 AM
Quote:
Originally Posted by Conscio (Post 1192)
Who leaked?
What do you mean who leaked? Databases for previous projects are leaked all the time. Sometimes databases are hacked as well. It's quite common, not only in RSPS scene, but generally.

So if you're trying to find someone to blame, well... The only people to blame are those who use weak or compromised passwords.

Conscio 05-26-2019 05:52 PM
Quote:
Originally Posted by Nozemi (Post 1195)
What do you mean who leaked? Databases for previous projects are leaked all the time. Sometimes databases are hacked as well. It's quite common, not only in RSPS scene, but generally.

So if you're trying to find someone to blame, well... The only people to blame are those who use weak or compromised passwords.
Oh, we have a misunderstanding. In your post you didn't imply that the leak was from long ago, it read to me that this leak was recent.

I asked who leaked so that I know who not to give administrative privileges in the future.

Nozemi 05-26-2019 07:33 PM
Quote:
Originally Posted by Conscio (Post 1196)
Oh, we have a misunderstanding. In your post you didn't imply that the leak was from long ago, it read to me that this leak was recent.

I asked who leaked so that I know who not to give administrative privileges in the future.
Oh, my bad I guess. Either way, to my knowledge, the current database has not been leaked. I seriously doubt anyone on the staff team would ever leak a database while project is live.

When a project is dead, and server is offline, the files are sometimes shared with people. Which means people might also get their hands on a copy of a previous database.

Personally, if I were to release files, I would remove any information that is sensitive enough (emails, passwords, IPs etc)


All times are GMT -5. The time now is 07:04 PM.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.