collapse

* User Info

 
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

* Who's Online

  • Dot Guests: 242
  • Dot Hidden: 0
  • Dot Users: 1
  • Dot Users Online:

* Shoutbox

Refresh History
  • Shoutbox is not for support!
  • ♦ Ninja ZX-10RR ♦: Excuse me but what does Simpleportal have to deal with that?
    February 05, 2017, 08:21:14 pm
  • WhiteEagle: of course IMHO that site appears to be dead :(
    February 04, 2017, 01:08:05 pm
  • WhiteEagle: If I can get that, then I'll use it for that site...
    February 04, 2017, 01:07:35 pm
  • WhiteEagle: decided to not use SMF for any projects, unless I can get a copy of the premium version of the fanfiction archive plugin
    February 04, 2017, 01:06:54 pm
  • expertdecisions: cloudflare
    January 28, 2017, 08:01:47 am
  • aegersz: SM release 2.0.13 !
    January 12, 2017, 06:00:13 am
  • raffo: Tks Emanuele, even if I didn't understand the fix :D
    November 07, 2016, 02:01:20 am
  • emanuele: [link]
    November 01, 2016, 12:43:50 pm
  • emanuele: raffo: the English support board is a good place. ;)
    November 01, 2016, 12:43:38 pm
  • raffo: Where can I find the fix for the shoutbox?
    November 01, 2016, 05:06:09 am
  • [DFg]DJF-1975: To the SP team, I make a point to come here and thank you as much as possible for your work.  so again, THANK YOU!
    October 28, 2016, 10:38:05 am
  • emanuele: That's indeed funny, the limit is present only in the patch and not the full install.
    October 22, 2016, 06:14:58 pm
  • phantomm: and from what I see only patch is broken, full install package is fine
    October 21, 2016, 03:44:44 pm
  • phantomm: they say it for over 3 weeks now..
    October 21, 2016, 03:43:52 pm
  • aegersz: SMF say that bug fix 2.0.13 is coming soon ...
    October 19, 2016, 06:46:12 pm
  • Chen Zhen: check that thread at a later date as that file is not a final fix
    October 10, 2016, 03:09:18 pm
  • [DFg]DJF-1975: Thanks for the shoutbox fix file!
    October 10, 2016, 09:17:19 am
  • * Burke Knight Lurks
    October 02, 2016, 09:17:45 pm
  • [DFg]DJF-1975: Not to shoutbox spam, but I use this portal daily and I wanted to say thank you. It's been too long since I last thanked you all!
    October 02, 2016, 11:52:06 am

* Recent Posts

Re: Smfpacks shout box width by Gaza07
[Today at 07:18:33 am]


Re: Smfpacks shout box width by emanuele
[Today at 06:33:45 am]


Smfpacks shout box width by Gaza07
[Yesterday at 09:08:31 pm]


Re: About group members post colors by Strozzie
[June 11, 2017, 12:50:31 pm]


Re: About group members post colors by ♦ Ninja ZX-10RR ♦
[June 11, 2017, 09:43:01 am]

Installation errors? Mod incompatibilities? Upgrade problems? Make your way over to the Install and Upgrade Support board for all your solutions!

Author Topic: Security Breach on Community Forums  (Read 20395 times)

0 Members and 1 Guest are viewing this topic.

Offline [SiNaN]

  • Mr. SimplePortal
  • Developer
  • *
  • Posts: 6782
  • SMF Version: 2.0.10
  • SP Version: 2.3.6
Security Breach on Community Forums
« on: June 20, 2016, 05:14:22 pm »
Dear SimplePortal community members,

On 17 June 2016, we discovered that unauthorized access to our website and database had been obtained on 16 June 2016. We determined that the unauthorized access has been obtained using stolen credentials of a high-level user.

We would like to make it clear that your personal SimplePortal installations were not affected in any way by this. We would like to assure you that your installations running the latest versions of SimplePortal and SMF should be safe. The unauthorized access was restricted to just our website.

The hacker attempted to download our database, but as of yet we are not certain that it was successful. Regardless, it's possible that your usernames, emails and hashed passwords have been retrieved by the attacker.

For this reason, we would like you to change your passwords for this website and we strongly advise you to change your passwords on any other website where you may have been using the same passwords.  Using unique passwords on all websites is very important to prevent such attacks. Note that, if you had shared passwords using personal messaging system, they can no longer be considered safe and needs to be changed as well.

To ensure the safety of our website, we have updated all the relevant credentials and rebuilt our installation from the ground up. We will implement stricter security policies in the coming days to make sure that such an unfortunate event does not happen again.

We are truly sorry for what happened and we deeply apologize for the inconvenience this has caused. We hope that you will continue to support us to make SimplePortal a better portal solution for your forums.

-The SimplePortal Team
« Last Edit: June 23, 2016, 04:44:20 pm by Eliana Tamerin »
And slowly, you come to realize... It's all as it should be...

Offline Jade Elizabeth

  • Comrade
  • *
  • Posts: 1146
  • Gender: Female
    • Jades-World
  • SMF Version: None
  • SP Version: None
Re: Security Breach on Community Forums
« Reply #1 on: June 24, 2016, 12:56:44 am »
At 6:35 am [Melb, Aus] on the 16th June my Twitter and email were hacked into and my identity and Twitter handle stolen (which I have used online since 2005).

I was lucky to have my identity returned to me on the 21st after 5 days of stressing and feeling sick. I have an IP and more information if you want to compare records to see if it was the same criminal.
Jade Elizabeth
(Ex Language Coordinator)
Owner of Awesome Crazy (the home of the insane),
Color Me Forum (For Adult Coloring Enthusiasts), and
Creative Burrow (A place for creative people).

Offline emanuele

  • Developer
  • *
  • Posts: 280
Re: Security Breach on Community Forums
« Reply #2 on: June 24, 2016, 04:41:35 am »
Say the truth: it was you that stolen your own identity and hacked SP!!! :P

Offline Eliana Tamerin

  • Project Manager
  • *
  • Posts: 2892
  • Gender: Female
  • SMF Version: 2 RC2
  • SP Version: 2.3.2
Re: Security Breach on Community Forums
« Reply #3 on: June 24, 2016, 06:11:38 pm »
See, if I'd stolen your identity, all I would do is order a pizza on your tab. :P
Ms. Eliana Tamerin

It should be painfully obvious by now that I don't respond to support PMs. Don't send me PMs for support. They will be ignored and deleted, post on the Support Boards to get support.


Offline JBlaze

  • Comrade
  • *
  • Posts: 138
  • Gender: Male
Re: Security Breach on Community Forums
« Reply #5 on: June 24, 2016, 07:25:47 pm »
This just highlights the importance of not reusing the same password across applications :)

Offline Jade Elizabeth

  • Comrade
  • *
  • Posts: 1146
  • Gender: Female
    • Jades-World
  • SMF Version: None
  • SP Version: None
Re: Security Breach on Community Forums
« Reply #6 on: June 25, 2016, 10:01:50 pm »
This just highlights the importance of not reusing the same password across applications :)

I DIDN'T though. The password on my Twitter was half of the password here plus some extra characters at the start and end.

Like if I used ChUrumuStUhu6ut SP was using that and Twitter was using jblazeStUhu6ut2001 for example. Both different but still slightly similar.

Say the truth: it was you that stolen your own identity and hacked SP!!! :P

Ha ha if you want this jerks IP I can send it on but I think it was spoofed.
Jade Elizabeth
(Ex Language Coordinator)
Owner of Awesome Crazy (the home of the insane),
Color Me Forum (For Adult Coloring Enthusiasts), and
Creative Burrow (A place for creative people).

Offline Sayaka

  • Hero Member
  • *****
  • Posts: 2172
  • Gender: Male
  • $("div.content:dd").hide();
  • SMF Version: 2.0.13
  • SP Version: 2.3.6
  • Elkarte Version: None
Re: Security Breach on Community Forums
« Reply #7 on: June 26, 2016, 06:14:55 pm »
This is pretty serious news, thanks for the heads up. I already went and changed a lot of my passwords just in case.

Though, why was Jade Elizabeth a High-Level user in the first place?

Online ♦ Ninja ZX-10RR ♦

  • Spammer Hammer
  • Support
  • *
  • Posts: 1144
  • Gender: Male
  • Sniper Legends
    • Virtual Interactive Games Entertainment™
  • SMF Version: 2.0.13
  • SP Version: 2.3.6
  • Elkarte Version: 1.0.6
Re: Security Breach on Community Forums
« Reply #8 on: June 26, 2016, 06:23:29 pm »
She wasn't, that is another hack happened on another site that compromised *exclusively* her account. This side hack (merely a coincidence) has nothing to deal with SimplePortal accounts other than hers ;)

As a reference, the site that was hacked and caused Jade's account to be compromised (although nobody other than her actually managed to log in), was this: http://www.twitt3d.com/ (and it's still hacked as of now).
Have you tried SimplePortal Documentation before asking? ;)
F.A.Q.  English Support  |  Blocks Support
Fancy Feature idea ?!  |  Blocks Requests
Themes & Graphics

▼ My job! ▼

No PMs for support unless it's a paid request. Thank you! :)
#OpIsis

Offline Sayaka

  • Hero Member
  • *****
  • Posts: 2172
  • Gender: Male
  • $("div.content:dd").hide();
  • SMF Version: 2.0.13
  • SP Version: 2.3.6
  • Elkarte Version: None
Re: Security Breach on Community Forums
« Reply #9 on: June 26, 2016, 11:57:49 pm »
She wasn't, that is another hack happened on another site that compromised *exclusively* her account. This side hack (merely a coincidence) has nothing to deal with SimplePortal accounts other than hers ;)

... that would mean her account here is a high level user?

Offline emanuele

  • Developer
  • *
  • Posts: 280
Re: Security Breach on Community Forums
« Reply #10 on: June 27, 2016, 02:21:53 am »
I wonder where you are reading that Jade's account was the entrance point for SP hacking, mind explaining?

Offline Jade Elizabeth

  • Comrade
  • *
  • Posts: 1146
  • Gender: Female
    • Jades-World
  • SMF Version: None
  • SP Version: None
Re: Security Breach on Community Forums
« Reply #11 on: June 27, 2016, 02:36:44 am »
This is pretty serious news, thanks for the heads up. I already went and changed a lot of my passwords just in case.

Though, why was Jade Elizabeth a High-Level user in the first place?

My account here is not a high level user, you'd have to be an ADMIN to get the kind of access from the first post. I was hacked on twitter at the same time and suspected similar people may have done it because I have an account here and its password is similar to my twitter, my twitter was half of the password here which is letters and numbers FYI.

At 6:35 am [Melb, Aus] on the 16th June my Twitter and email were hacked into and my identity and Twitter handle stolen (which I have used online since 2005).

I was lucky to have my identity returned to me on the 21st after 5 days of stressing and feeling sick. I have an IP and more information if you want to compare records to see if it was the same criminal.

My post, with highlights because you misunderstood.
Jade Elizabeth
(Ex Language Coordinator)
Owner of Awesome Crazy (the home of the insane),
Color Me Forum (For Adult Coloring Enthusiasts), and
Creative Burrow (A place for creative people).

Offline Eliana Tamerin

  • Project Manager
  • *
  • Posts: 2892
  • Gender: Female
  • SMF Version: 2 RC2
  • SP Version: 2.3.2
Re: Security Breach on Community Forums
« Reply #12 on: June 27, 2016, 05:23:51 am »
Jade's talking about something separate, but topically related.
Ms. Eliana Tamerin

It should be painfully obvious by now that I don't respond to support PMs. Don't send me PMs for support. They will be ignored and deleted, post on the Support Boards to get support.

Offline Sayaka

  • Hero Member
  • *****
  • Posts: 2172
  • Gender: Male
  • $("div.content:dd").hide();
  • SMF Version: 2.0.13
  • SP Version: 2.3.6
  • Elkarte Version: None
Re: Security Breach on Community Forums
« Reply #13 on: June 27, 2016, 01:50:32 pm »
Ah, I see now. For some reason I thought Jade was this person Sinan was speaking about since she was talking about getting hacked on a different site lol. I thought maybe she since got hacked on another site they reused information on this site.


Offline Jade Elizabeth

  • Comrade
  • *
  • Posts: 1146
  • Gender: Female
    • Jades-World
  • SMF Version: None
  • SP Version: None
Re: Security Breach on Community Forums
« Reply #14 on: July 01, 2016, 09:05:06 am »
Nah my account was so secure here I couldn't get into it XD.
Jade Elizabeth
(Ex Language Coordinator)
Owner of Awesome Crazy (the home of the insane),
Color Me Forum (For Adult Coloring Enthusiasts), and
Creative Burrow (A place for creative people).

Offline [SiNaN]

  • Mr. SimplePortal
  • Developer
  • *
  • Posts: 6782
  • SMF Version: 2.0.10
  • SP Version: 2.3.6
Re: Security Breach on Community Forums
« Reply #15 on: July 03, 2016, 06:50:33 am »
Nah my account was so secure here I couldn't get into it XD.

This gave me a good laugh. Thank you for that!
And slowly, you come to realize... It's all as it should be...