Author |
Message |
Reepicheep
| Posted on Thursday, June 23, 2016 - 11:56 am: |
|
Verticalscope, the company that bought a number of sites, including Motorcycle.com, was running a very old version of vBulletin. Looks like the contact information and hashed password for 45 million users got stolen. http://www.theregister.co.uk/2016/06/16/verticalsc ope_breach/ The passwords were hashed, but weakly, so over time probably half of these passwords will be brute force cracked. Anyway, if you had a password you used there, and used it elsewhere, you probably want to change it everywhere. In general, passwords have never been a very good control, and have always been used way beyond their practical strength. So turn on second factors for authentication everywhere you can for everything sensitive (like banking, email, ecommerce, etc). Passwords alone a fairly weak but low friction control. They are fine for stuff that would just be basically a minor nuisance if the were compromised (for example this site). |
Teeps
| Posted on Thursday, June 23, 2016 - 12:54 pm: |
|
Yeah, I've had email alerts from 2 forums about this. One forum sent an alert and advised changing the password asap. Then a few hours later they changed my already changed password, then emailed info on what is going on. |
Figorvonbuellingham
| Posted on Thursday, June 23, 2016 - 06:37 pm: |
|
I've had several forums change my passwords today. Must be a pretty big breach. |
Teeps
| Posted on Thursday, June 23, 2016 - 06:42 pm: |
|
I'm up to 3 auto password changes as of an hour ago. |
Ourdee
| Posted on Thursday, June 23, 2016 - 10:00 pm: |
|
Vtwin changed mine today. |
Sifo
| Posted on Friday, June 24, 2016 - 08:12 pm: |
|
I had the s10forum change my password yesterday too. Must have been quite a breach. |
Teeps
| Posted on Saturday, June 25, 2016 - 10:27 am: |
|
Got this notice today from AVS forum: http://www.verticalscope.com/about-us/notice-of-da ta-breach.html |
Hybridmomentspass
| Posted on Saturday, June 25, 2016 - 10:30 am: |
|
yep, VS owns a TON of sites, so its spreadinglike wildfire |
Pwnzor
| Posted on Saturday, June 25, 2016 - 04:50 pm: |
|
Sorry, but if you use your forum login for your banking then you are electronically retarded. |
|