Security Breach

Myrthos

Cave Canem
Administrator
Joined
August 30, 2006
Messages
11,223
In case you missed the announcement that is on the top of every forum page (for the next 4 weeks), here is the same text:
Because of a security breach, you will have to provide a new password for accessing the forums.
If, for whatever reason, you are not told to change your password when you try to log in to the forums, please initiate this action yourself. Note that changing your password will only work if you also provide a valid email address, as you are sent a mail with a verification link after changing your password. Make sure to check your spam folder as well if you don't receive the mail in your mailbox.

For the record, this is the link: https://www.rpgwatch.com/forums/profile.php?do=editpassword

If you are unable to change your password, contact us, so we can assist you.
 
Joined
Aug 30, 2006
Messages
11,223
The issue was that a security issue resulted in someone uploading a PHP script. From that script it would potentially be possible to access configuration files and even access the RPGWatch database. As non-failing PHP actions are not logged, I cannot be sure if this did or did not happen, so I assume the worst and just want everyone to change their password.
 
Joined
Aug 30, 2006
Messages
11,223
This is a post in case anyone else faces the same problem I did. The change password link did not work for me after the login, and the page continually reloaded. You can just click on the login screen that you forgot your password and it will automatically be reset. You will get an email with a link and a new working password that you probably will want to change. This is more involved than being able to change your password directly through the link, but it worked for me.
 
Joined
Jan 29, 2014
Messages
2,717
Location
Vienna, Austria
The link doesn't work if you accessed it from the home page of RPGWatch. If you accessed it from the forums page it should work.
 
Joined
Aug 30, 2006
Messages
11,223
One odd thing is that when RPGWatch came up I received this email:

From:
DragonByte Security has detected that your account has been the subject of a breach on another site. We recommend you change your password and enable two-factor authentication to stop your account from being a target of further breaches.

Astropid (astropid.com) happened on December 19th, 2013, added to the system on 05:49, 6th Jul 2014
Battlefield Heroes (battlefieldheroes.com) happened on June 26th, 2011, added to the system on 15:10, 23rd Jan 2014
Forbes (forbes.com) happened on February 15th, 2014, added to the system on 13:24, 15th Feb 2014
Gawker (gawker.com) happened on December 11th, 2010, added to the system on 02:00, 4th Dec 2013
hackforums.net (hackforums.net) happened on June 25th, 2011, added to the system on 12:30, 11th May 2014
hemmelig.com (hemmelig.com) happened on December 21st, 2011, added to the system on 09:23, 25th Mar 2014
Lounge Board (loungeboard.net) happened on August 1st, 2013, added to the system on 12:22, 6th Jul 2014
Win7Vista Forum (win7vista.com) happened on September 3rd, 2013, added to the system on 12:01, 1st Jun 2014
--
The odd thing is I never had accounts on any of those websites….
 
Joined
Oct 20, 2006
Messages
7,758
Location
usa - no longer boston
I thought I disabled that, but apparently not.

Anyway, I believe it searches some known databases for user names and email addresses. Perhaps someone else has used the name 'you' on those sites.
 
Joined
Aug 30, 2006
Messages
11,223
Welcome back! :D

I got a mail like that... with different sites. I don't have accounts on those except for one, but with a different password...
 
Joined
Aug 17, 2008
Messages
354
Did my duty. Changed my password. Thanks for the warning. Even though I almost never log in anymore. Don't have anything to contribute I'm afraid. But I still check the site for news - even if my backlog is HUGE.

Glad to see the Watch is up and running again. Even though that banner you see when RpgWatch is down is kinda cute. ;-)
 
IT'S ALIVE!!

 
Joined
Oct 18, 2006
Messages
2,245
Location
New Zealand

I also want to send this! The link it tries to recommend after logging in is broken. And once you log in you can't reach the forums either, as it keeps trying to tell you to go to the profile page. But the link is broken.

I found the correct link in the email I received with the new temp password. This could be very annoying for people, I think.
 
Joined
Jul 31, 2007
Messages
6,252
When I accessed the site via Chrome, it popped up the change password message but then it got into a loop and I wasn't able to update it. I had to come in via Internet Explorer. Not sure why that would happen, but I got in now. I hope they didn't leave any back doors to capture our password changes.

Glad you folks are still in operation.
 
Joined
Mar 22, 2012
Messages
5,521
Location
Seattle
I got one too, in my spam folder…but I had accounts on all the thing listed. :/
 
Joined
Oct 13, 2007
Messages
7,313
To prevent the problem with the incorrect link, I hardwired the link in the message that is sent. It should now send everyone to the correct page, regardless of whether they are entering from rpgwatch.com or rpgwatch.com/forums.
 
Joined
Aug 30, 2006
Messages
11,223