Jump to content

Regarding The Alleged Security Breach (Important)


Recommended Posts

Roughly 10 hours ago, someone made a Reddit post on /r/ss13 displaying what they claimed to be hashed passwords acquired from one of our (unspecified) databases.


After a short bit of investigation by our staff, thank you Arrow768 for that, we determined that, with the evidence currently presented, we have determined that the leak is bogus. The hashes presented do not match any hashing format that we use to store passwords on our databases. After a sweep of all logs and other security measures, no further evidence of a compromised database was found. As such, we are led to believe that our databases are not compromised until further evidence is presented.


If anyone has any questions, comments, or concerns about this incident in specific, or regarding the security measures we use, then feel free to ask.


Also, while this specific leak may be bogus, no system is 100% secure! Keep in mind the fact that if someone really wants to fuck with us, or with you, they will eventually do it! Provided they're driven enough, anyways. This is why you should follow the following steps as standard MO:

  • Change your password after even a potential leak (right now included).
  • Don't reuse passwords, it's a horrible practice.
  • If possible, use unique emails per site (Gmail has a fancy way of doing it, if memory serves), or at least two emails, one for junk sites, one for srs bsns.
  • Use strong, unique passwords for every site.
  • Enable 2 Factor Authentication whenever possible! Specially if you have access to sensitive services, such as GitHub or for your password manager!
  • Use a credible password manager with a strong master password. Or use a physical method of password storage, if you're old school, a piece of paper works.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...