collapse

* Simple Portal Archived Forum

This is an Archive Forum.

The content in this forum may be out-of-date or have been superseded by newer information, and links in forum pages to other sites may not work.
This forum contains archives for future reference.

Visit our thread at Simple Machines Forum for current support.

SMF 2.1 users: EhPortal is a ported version of Simple Portal specifically designed for the SMF 2.1 branch.
Please visit web-develop.ca to download EhPortal and for its support.

* User Info

 
 
Welcome, Guest. Please login or register.

* Who's Online

  • Dot Guests: 329
  • Dot Hidden: 0
  • Dot Users: 0

There aren't any users online.

* Shoutbox

Refresh History
  • Shoutbox is not for support!
  • {OCS}MasterSeal: Yup, Still adore SP
    April 21, 2019, 07:08:06 PM
  • {OCS}MasterSeal: STILL love SP :)
    November 24, 2018, 05:05:50 AM
  • ♦ Ninja ZX-10RR ♦: <3 aegersz
    September 13, 2018, 03:36:09 PM
  • aegersz: I STILL <3 LOVE SimplePortal
    September 13, 2018, 07:11:39 AM
  • aegersz: o LOVE you guys - Simple Portal rocks !
    May 09, 2018, 05:18:59 AM
  • Chen Zhen: our apologies for the site being down.. please read server issues topic
    March 22, 2018, 05:32:38 AM
  • {OCS}MasterSeal: LOL PLEASE forget I just posted that. I found the answer in my own dang post back in 2015. lol sorry!
    July 04, 2017, 10:47:55 PM
  • {OCS}MasterSeal: I know this SB isnt' for support, but I just have a general question. Who would I contact to find out where SP stores its block info? Is it DB driven or files? I searched the site but came up with nothing. probably my fault any insight is appreciated.
    July 04, 2017, 10:43:36 PM
  • ♦ Ninja ZX-10RR ♦: Excuse me but what does Simpleportal have to deal with that?
    February 05, 2017, 08:21:14 PM
  • WhiteEagle: of course IMHO that site appears to be dead :(
    February 04, 2017, 01:08:05 PM
  • WhiteEagle: If I can get that, then I'll use it for that site...
    February 04, 2017, 01:07:35 PM
  • WhiteEagle: decided to not use SMF for any projects, unless I can get a copy of the premium version of the fanfiction archive plugin
    February 04, 2017, 01:06:54 PM
  • expertdecisions: cloudflare
    January 28, 2017, 08:01:47 AM
  • aegersz: SM release 2.0.13 !
    January 12, 2017, 06:00:13 AM
  • raffo: Tks Emanuele, even if I didn't understand the fix :D
    November 07, 2016, 02:01:20 AM
  • emanuele: [link]
    November 01, 2016, 12:43:50 PM
  • emanuele: raffo: the English support board is a good place. ;)
    November 01, 2016, 12:43:38 PM
  • raffo: Where can I find the fix for the shoutbox?
    November 01, 2016, 05:06:09 AM
  • {OCS}MasterSeal: To the SP team, I make a point to come here and thank you as much as possible for your work.  so again, THANK YOU!
    October 28, 2016, 10:38:05 AM
  • emanuele: That's indeed funny, the limit is present only in the patch and not the full install.
    October 22, 2016, 06:14:58 PM

* Recent Posts

Adding Forums Button to Nav bar by jirapon
[August 01, 2019, 09:07:12 AM]


Re: Board Icons by ♦ Ninja ZX-10RR ♦
[July 30, 2019, 04:03:41 PM]


MOVED: Czech translation???? by ♦ Ninja ZX-10RR ♦
[July 30, 2019, 03:04:51 PM]


Board Icons by jirapon
[July 30, 2019, 07:28:44 AM]


Re: Thankyou Simpleportal, by ♦ Ninja ZX-10RR ♦
[July 29, 2019, 09:41:29 AM]

Thanks for having an interest with our portal. If you have any requests for features, have a look at the Feature Requests board.

Author Topic: Security Breach on Community Forums  (Read 39271 times)

0 Members and 1 Guest are viewing this topic.

Offline [SiNaN]

  • Mr. SimplePortal
  • Developer
  • *
  • Posts: 6782
  • SMF Version: 2.0.15
  • SP Version: 2.3.7
Security Breach on Community Forums
« on: June 20, 2016, 05:14:22 PM »
Dear SimplePortal community members,

On 17 June 2016, we discovered that unauthorized access to our website and database had been obtained on 16 June 2016. We determined that the unauthorized access has been obtained using stolen credentials of a high-level user.

We would like to make it clear that your personal SimplePortal installations were not affected in any way by this. We would like to assure you that your installations running the latest versions of SimplePortal and SMF should be safe. The unauthorized access was restricted to just our website.

The hacker attempted to download our database, but as of yet we are not certain that it was successful. Regardless, it's possible that your usernames, emails and hashed passwords have been retrieved by the attacker.

For this reason, we would like you to change your passwords for this website and we strongly advise you to change your passwords on any other website where you may have been using the same passwords.  Using unique passwords on all websites is very important to prevent such attacks. Note that, if you had shared passwords using personal messaging system, they can no longer be considered safe and needs to be changed as well.

To ensure the safety of our website, we have updated all the relevant credentials and rebuilt our installation from the ground up. We will implement stricter security policies in the coming days to make sure that such an unfortunate event does not happen again.

We are truly sorry for what happened and we deeply apologize for the inconvenience this has caused. We hope that you will continue to support us to make SimplePortal a better portal solution for your forums.

-The SimplePortal Team
« Last Edit: June 23, 2016, 04:44:20 PM by Eliana Tamerin »
And slowly, you come to realize... It's all as it should be...

Offline Jade Elizabeth

  • Comrade
  • *
  • Posts: 1146
  • Gender: Female
    • Jades-World
  • SMF Version: None
  • SP Version: None
Re: Security Breach on Community Forums
« Reply #1 on: June 24, 2016, 12:56:44 AM »
At 6:35 am [Melb, Aus] on the 16th June my Twitter and email were hacked into and my identity and Twitter handle stolen (which I have used online since 2005).

I was lucky to have my identity returned to me on the 21st after 5 days of stressing and feeling sick. I have an IP and more information if you want to compare records to see if it was the same criminal.
Jade Elizabeth
(Ex Language Coordinator)
Owner of Awesome Crazy (the home of the insane),
Color Me Forum (For Adult Coloring Enthusiasts), and
Creative Burrow (A place for creative people).

Offline emanuele

  • Developer
  • *
  • Posts: 293
Re: Security Breach on Community Forums
« Reply #2 on: June 24, 2016, 04:41:35 AM »
Say the truth: it was you that stolen your own identity and hacked SP!!! :P

Offline Eliana Tamerin

  • Comrade
  • *
  • Posts: 2889
  • Gender: Female
  • SMF Version: 2 RC2
  • SP Version: 2.3.2
Re: Security Breach on Community Forums
« Reply #3 on: June 24, 2016, 06:11:38 PM »
See, if I'd stolen your identity, all I would do is order a pizza on your tab. :P
Ms. Eliana TamerinIt should be painfully obvious by now that I don't respond to support PMs. Don't send me PMs for support. They will be ignored and deleted, post on the Support Boards to get support.


Offline JBlaze

  • Comrade
  • *
  • Posts: 138
  • Gender: Male
Re: Security Breach on Community Forums
« Reply #5 on: June 24, 2016, 07:25:47 PM »
This just highlights the importance of not reusing the same password across applications :)

Offline Jade Elizabeth

  • Comrade
  • *
  • Posts: 1146
  • Gender: Female
    • Jades-World
  • SMF Version: None
  • SP Version: None
Re: Security Breach on Community Forums
« Reply #6 on: June 25, 2016, 10:01:50 PM »
This just highlights the importance of not reusing the same password across applications :)

I DIDN'T though. The password on my Twitter was half of the password here plus some extra characters at the start and end.

Like if I used ChUrumuStUhu6ut SP was using that and Twitter was using jblazeStUhu6ut2001 for example. Both different but still slightly similar.

Say the truth: it was you that stolen your own identity and hacked SP!!! :P

Ha ha if you want this jerks IP I can send it on but I think it was spoofed.
Jade Elizabeth
(Ex Language Coordinator)
Owner of Awesome Crazy (the home of the insane),
Color Me Forum (For Adult Coloring Enthusiasts), and
Creative Burrow (A place for creative people).

Offline ccbtimewiz

  • Hero Member
  • *****
  • Posts: 2185
  • Gender: Male
  • $("div.content:dd").hide();
  • SMF Version: None
  • SP Version: None
  • Elkarte Version: None
  • EhPortal Version: None
Re: Security Breach on Community Forums
« Reply #7 on: June 26, 2016, 06:14:55 PM »
This is pretty serious news, thanks for the heads up. I already went and changed a lot of my passwords just in case.

Though, why was Jade Elizabeth a High-Level user in the first place?

Offline ♦ Ninja ZX-10RR ♦

  • Spammer Hammer
  • Support
  • *
  • Posts: 1193
  • Gender: Male
  • Sniper Legends
    • Virtual Interactive Games Entertainment™
  • SMF Version: 2.0.13
  • SP Version: 2.3.6
  • Elkarte Version: 1.0.6
Re: Security Breach on Community Forums
« Reply #8 on: June 26, 2016, 06:23:29 PM »
She wasn't, that is another hack happened on another site that compromised *exclusively* her account. This side hack (merely a coincidence) has nothing to deal with SimplePortal accounts other than hers ;)

As a reference, the site that was hacked and caused Jade's account to be compromised (although nobody other than her actually managed to log in), was this: http://www.twitt3d.com/ (and it's still hacked as of now).
Have you tried SimplePortal Documentation before asking? ;)
F.A.Q.  English Support  |  Blocks Support
Fancy Feature idea ?!  |  Blocks Requests
Themes & Graphics

? My job! ?No PMs for support unless it's a paid request. Thank you! :)#OpIsis

Offline ccbtimewiz

  • Hero Member
  • *****
  • Posts: 2185
  • Gender: Male
  • $("div.content:dd").hide();
  • SMF Version: None
  • SP Version: None
  • Elkarte Version: None
  • EhPortal Version: None
Re: Security Breach on Community Forums
« Reply #9 on: June 26, 2016, 11:57:49 PM »
She wasn't, that is another hack happened on another site that compromised *exclusively* her account. This side hack (merely a coincidence) has nothing to deal with SimplePortal accounts other than hers ;)

... that would mean her account here is a high level user?

Offline emanuele

  • Developer
  • *
  • Posts: 293
Re: Security Breach on Community Forums
« Reply #10 on: June 27, 2016, 02:21:53 AM »
I wonder where you are reading that Jade's account was the entrance point for SP hacking, mind explaining?

Offline Jade Elizabeth

  • Comrade
  • *
  • Posts: 1146
  • Gender: Female
    • Jades-World
  • SMF Version: None
  • SP Version: None
Re: Security Breach on Community Forums
« Reply #11 on: June 27, 2016, 02:36:44 AM »
This is pretty serious news, thanks for the heads up. I already went and changed a lot of my passwords just in case.

Though, why was Jade Elizabeth a High-Level user in the first place?

My account here is not a high level user, you'd have to be an ADMIN to get the kind of access from the first post. I was hacked on twitter at the same time and suspected similar people may have done it because I have an account here and its password is similar to my twitter, my twitter was half of the password here which is letters and numbers FYI.

At 6:35 am [Melb, Aus] on the 16th June my Twitter and email were hacked into and my identity and Twitter handle stolen (which I have used online since 2005).

I was lucky to have my identity returned to me on the 21st after 5 days of stressing and feeling sick. I have an IP and more information if you want to compare records to see if it was the same criminal.

My post, with highlights because you misunderstood.
Jade Elizabeth
(Ex Language Coordinator)
Owner of Awesome Crazy (the home of the insane),
Color Me Forum (For Adult Coloring Enthusiasts), and
Creative Burrow (A place for creative people).

Offline Eliana Tamerin

  • Comrade
  • *
  • Posts: 2889
  • Gender: Female
  • SMF Version: 2 RC2
  • SP Version: 2.3.2
Re: Security Breach on Community Forums
« Reply #12 on: June 27, 2016, 05:23:51 AM »
Jade's talking about something separate, but topically related.
Ms. Eliana TamerinIt should be painfully obvious by now that I don't respond to support PMs. Don't send me PMs for support. They will be ignored and deleted, post on the Support Boards to get support.

Offline ccbtimewiz

  • Hero Member
  • *****
  • Posts: 2185
  • Gender: Male
  • $("div.content:dd").hide();
  • SMF Version: None
  • SP Version: None
  • Elkarte Version: None
  • EhPortal Version: None
Re: Security Breach on Community Forums
« Reply #13 on: June 27, 2016, 01:50:32 PM »
Ah, I see now. For some reason I thought Jade was this person Sinan was speaking about since she was talking about getting hacked on a different site lol. I thought maybe she since got hacked on another site they reused information on this site.


Offline Jade Elizabeth

  • Comrade
  • *
  • Posts: 1146
  • Gender: Female
    • Jades-World
  • SMF Version: None
  • SP Version: None
Re: Security Breach on Community Forums
« Reply #14 on: July 01, 2016, 09:05:06 AM »
Nah my account was so secure here I couldn't get into it XD.
Jade Elizabeth
(Ex Language Coordinator)
Owner of Awesome Crazy (the home of the insane),
Color Me Forum (For Adult Coloring Enthusiasts), and
Creative Burrow (A place for creative people).

Offline [SiNaN]

  • Mr. SimplePortal
  • Developer
  • *
  • Posts: 6782
  • SMF Version: 2.0.15
  • SP Version: 2.3.7
Re: Security Breach on Community Forums
« Reply #15 on: July 03, 2016, 06:50:33 AM »
Nah my account was so secure here I couldn't get into it XD.

This gave me a good laugh. Thank you for that!
And slowly, you come to realize... It's all as it should be...

Offline megpol

  • Just Registered
  • Posts: 1
  • SMF Version: 2.0.13
  • SP Version: 2.3.6
Re: Security Breach on Community Forums
« Reply #16 on: July 01, 2017, 05:11:03 AM »
This just highlights the importance of not reusing the same password across applications :)
Kitchenlola to get reviews.

For me having different passwords is not enough. I change them every year on all accounts just for safety measure because every year I keep hearing about some zero day exploits or accounts stolen. And Sinan's announcement just proves my point.
« Last Edit: June 25, 2018, 05:59:31 AM by megpol »