Boards.ie Attack - What Happened? Please post all questions here.

Spiritoftheseventies

can i ask this again. where any old email and passwords compromised. in other words what emails are stored here. the new ones or the ones we signed up with.

Ross

Adverts.ie should be back and fully operational now.

cabrwab

Its being a long few days without boards.

Well done and welcom back

My life can return to normal now

coldwood92

Well done folks
by the way I didn't get an e-mail

ethernet

Appreciated the prompt and extensive disclosure.

Very well handled. Well done!

DeVore

Just a quick note to say that i've been reading all day (since Dav woke me up!). I wont add more to the lads answers, they know the details best.


The biggest delay we had was finding somewhere that would send 300,000 emails at short notice for us. That sort of bulk email sending is a lot trickier then you might think!

Ultimately the Daft tech guys pulled a solution together for us and helped us out. For which, much thanks by the way!


Finally I would like to publically thank the Boards HQ team, they didnt panic, they took the correct actions and they have worked hard these last 72 hours. Well played lads.

DeV.

Daemos

I bet this went down exactly like it did in Digital Fortress

Mutation strings is the key

DeVore

coldwood92 wrote: »

Well done folks
by the way I didn't get an e-mail

We didnt email passwords out, the email you were sent simply outlined what had happened.

If you want your new password, best to use our "Recover Password" link here: www.boards.ie/changepassword

DeV.

muffler

Spiritoftheseventies wrote: »

can i ask this again. where any old email and passwords compromised. in other words what emails are stored here. the new ones or the ones we signed up with.

Thats a fair question and deserving of an answer.

Ross

Spiritoftheseventies wrote: »

can i ask this again. where any old email and passwords compromised. in other words what emails are stored here. the new ones or the ones we signed up with.

If you changed your email address since registering, that initial email address was wiped from the system whenever you changed it. We only store one email address per user.

muffler

Good man Ross, cheers.

But did it not say in yesterdays announcement to log in/look for new password using the email that was used when registering?

Overheal

I have some leaked CCTV footage of the Server attack

https://www.youtube.com/watch?v=VClqslVtQB4

The first couple minutes everything's normal, like in the Basketball and Parenting forum... [skip to minute 3:00] Ah Trojan unzips into a hacker .exe!

Ross [oh wait its Ross] Ross is like My God! But You can see where Ross shuts boards down in order to save our passwords. A true Hero. Hacker gets upset and trashes about the Aviation board.

Ross

muffler wrote: »

Good man Ross, cheers.

But did it not say in yesterdays announcement to log in/look for new password using the email that was used when registering?

No problemo!

Yeah, couple of 16 hour days back to back and I think we were all a little tired, simply failed to occur to any of us that the "email you registered with" would actually mean something entirely different to someone who'd been knocking around long enough to have changed their email address.

Xavi6 pointed it out earlier and I updated the front page and Q&A.

Amhran Nua

Conor wrote: »

So far, my experience of the Garda computer crime people has been very positive.

I've no doubt they are perfectly happy for people to keep underestimating them though...

6th

Conor wrote: »

So far, my experience of the Garda computer crime people has been very positive.

Very happy to hear that.

Duiske

DeVore wrote: »

Finally I would like to publically thank the Boards HQ team, they didnt panic, they took the correct actions and they have worked hard these last 72 hours. Well played lads.

DeV.

I think most here would totally agree with that. Looking at it from the average users point of view, it seems to have been extremely well handled.

I don't know if there was a specific plan in place to deal with an issue such as this, or if it was good management of the situation on the fly, but like I say, whatever it was it worked very well. Good job people.

m5ex9oqjawdg2i

It was unfortunate for this to happen to boards, but the team handled the situation very well... Great job so far

evercloserunion

1. Society's increasing tolerance of homosexuality.

2. This.

IS NO ONE SEEING THE CONNECTION

The_Hustler

I never recieved an email informing me that this had happened.

I did, however, get an email from paypal saying my account has been compromised :mad:

RoundyMooney

stainluss

How hard would it be to trace the eejits that 'compromised' the site?

Hope ye catch them anyway lads:D

tos

Just to let you know:
I didn't get a notification email about this, I only know because I overheard someone mention it at work yesterday, so came on today to check and change my password. That means there might be other non-frequent users out there who didn't get an email (and didn't see the Six-one news that day etc etc) and don't know about this.

Sherifu

tos wrote: »

Just to let you know:
I didn't get a notification email about this, I only know because I overheard someone mention it at work yesterday, so came on today to check and change my password. That means there might be other non-frequent users out there who didn't get an email (and didn't see the Six-one news that day etc etc) and don't know about this.

A fair few users didn't get any from what I saw on twitter. Me being another one for example.

Dav

This is something we're looking into too folks, there are a lot of people who didn't get it - I actually didn't get it myself to my personal account. I'll be talking to the Daft guys who helped us out with the mass-mail for us just to see what was involved and what might have gone ary.

Dav

evercloserunion

Yeah just in case it matters to someone, I never got an email about it either.

I'm not that bothered by it, since it would be hard not to find out some way or another that this had occurred. But if an email was supposed to go out to everyone, there might be a problem with that system.

Anyway, because I didn't say it earlier, thanks to the site owners and all involved for getting the site back up so quickly and for keeping us all informed.

shellyb73

Hi Guys, relatively new to boards but thought the way in which you communicated to your users was exceptionally professional. I look forward to many years using your site..:)

ZeRoY

How did you guys managed to get the Admin Account hacked? Silly password or something? Thats what i'd like to know

On the comm side only someone told me otherwise no emails, nada

The_Hustler

The_Hustler wrote: »

I never recieved an email informing me that this had happened.

I did, however, get an email from paypal saying my account has been compromised :mad:

Shared password or unrelated?

A lot of phishing mails doing the rounds at the moment.

ZeRoY

The_Hustler wrote: »

I never recieved an email informing me that this had happened.

I did, however, get an email from paypal saying my account has been compromised :mad:

lol - using same password on a massive public forum and Paypal or email account? You have only yourself to blame dude :rolleyes:

I've one question about the admin account that was hacked:

Was it a specific admin account, i.e. one of the current admins? Obviously the individual's name would not be mentioned. Or, did the people who gained access to the admincp find a way to do so without getting into a specific admin account?