• Fur Affinity Forums are governed by Fur Affinity's Rules and Policies. Links and additional information can be accessed in the Site Information Forum.

Admin Control Panel

Status
Not open for further replies.

Aquin

Haunted
Never said that. I just feel that many of the things you say makes you a perfect suspect for a hacker.

Dragoneer already knows who did it, no need to suspect.
 

Ainoko

The Wild And Crazy Hybrid
Crap! I haven't seen a thread this busy since the great down-time last year!
 

Pi

Member
An order-by-mail law school!

Evidently.

There's no case law history that I can find indicating that usernames and passwords to private systems are equivalent to actual identifying information such as bank accounts, or taxpayer identification numbers, let alone the theft thereof.
 

net-cat

Infernal Kitty
We are currently working to resolve this issue.

No further discussion on this thread is necessary.
 

yak

Site Developer
Administrator
Conclusion - a human error lead to this happening. It wasn't an exploit or a security hole in the website's coding.

Three accounts were compromised by the person responsible:
* One through means of a password reset, because he has somehow gained access to a user's email
* Another, shortly afterwards, because of a human error
* And yet another one because of the infamous millenia-old password list that has leaked out of FA long ago. Cross-check of that list with the current DB showed that 738 people had the same, thousand year old passwords as on the list. Their passwords were reset.

Fortunately the attacker here was too preoccupied being a leet haxxor and made much less damage then he could have made otherwise.
 
Status
Not open for further replies.
Top