Page 1 of 4 123 ... LastLast
Results 1 to 10 of 38
Like Tree9Likes

Recent Attack

This is a discussion on Recent Attack within the About This Board forums, part of the Other Forums category; RE the recent attack, was any data exposed? Should people be changing their passwords?...

  1. #1
    Board Regular Kyle123's Avatar
    Join Date
    Jan 2012
    Location
    Leeds, UK
    Posts
    2,166

    Default Recent Attack

    RE the recent attack, was any data exposed? Should people be changing their passwords?
    HackSlash likes this.

  2. #2
    Board Regular HackSlash's Avatar
    Join Date
    Nov 2016
    Location
    The Office
    Posts
    234

    Default Re: Recent Attack

    How do you know the "maintenance" was due to an attack? I don't see a note here in the forums. Do you have a link?
    WARNING: I hand type code suggestions in here with absolutely no testing. I would be amazed if my suggested code runs at all without debugging. My intention is to point you in the right direction. Please take the time to look up new commands and understand what I am suggesting before using any code. There is always more than one way to solve a problem.

  3. #3
    Board Regular Kyle123's Avatar
    Join Date
    Jan 2012
    Location
    Leeds, UK
    Posts
    2,166

    Default Re: Recent Attack

    There was a banner saying as much, however it has since disappeared

  4. #4
    Board Regular HackSlash's Avatar
    Join Date
    Nov 2016
    Location
    The Office
    Posts
    234

    Default Re: Recent Attack

    Gotcha, it is back "Following an attack on the forum yesterday, we had to restore the database from the latest safe backup. Unfortunately that involved losing all posts and new user registrations from the last 36 hours. We apologize for the inconvenience caused to our members, but it was the safest course of action that we could take."
    WARNING: I hand type code suggestions in here with absolutely no testing. I would be amazed if my suggested code runs at all without debugging. My intention is to point you in the right direction. Please take the time to look up new commands and understand what I am suggesting before using any code. There is always more than one way to solve a problem.

  5. #5
    MrExcel MVP
    Moderator
    Joe4's Avatar
    Join Date
    Aug 2002
    Posts
    36,190

    Default Re: Recent Attack

    It is doubtful they had access to passwords, as they are not stored in a readable format (if anyone asks for their password, we can only reset them, as we cannot see what they currently are).

    But it is never a bad idea to change your passwords from time-to-time.
    Andrew Fergus likes this.
    TIPS FOR FINDING EXCEL SOLUTIONS
    1. Use the built-in Help that comes with Excel/Access
    2. Use the Search functionality on this board
    3. A lot of VBA code can be acquired by using the Macro Recorder.

    "Give a man a fish, feed him for a day. Teach a man to fish, feed him for life!"

  6. #6
    Board Regular HackSlash's Avatar
    Join Date
    Nov 2016
    Location
    The Office
    Posts
    234

    Default Re: Recent Attack

    "doubtful" ? Are you guys performing a forensic analysis of the attack to see what happened?

    There are many ways to break encryption depending on what they got in to. If they have your user database they can brute force it against a rainbow table and show all the users with simple passwords, like has been done in other major breaches.
    Krayons likes this.
    WARNING: I hand type code suggestions in here with absolutely no testing. I would be amazed if my suggested code runs at all without debugging. My intention is to point you in the right direction. Please take the time to look up new commands and understand what I am suggesting before using any code. There is always more than one way to solve a problem.

  7. #7
    MrExcel MVP
    Moderator
    Joe4's Avatar
    Join Date
    Aug 2002
    Posts
    36,190

    Default Re: Recent Attack

    Thanks for your concerns. The Admins (and I am not one of them) are handling this.
    If you have any concerns, then by all means change your password.
    Andrew Fergus likes this.
    TIPS FOR FINDING EXCEL SOLUTIONS
    1. Use the built-in Help that comes with Excel/Access
    2. Use the Search functionality on this board
    3. A lot of VBA code can be acquired by using the Macro Recorder.

    "Give a man a fish, feed him for a day. Teach a man to fish, feed him for life!"

  8. #8
    Board Regular Kyle123's Avatar
    Join Date
    Jan 2012
    Location
    Leeds, UK
    Posts
    2,166

    Default Re: Recent Attack

    vBulletin hasn't exactly got a glowing reputation for security (especially when it's not up to date) when it comes to storing passwords - have a look here: https://www.troyhunt.com/data-breach...etin-and-weak/

    Even if hackers may have had access to the user table then the responsible thing to do would be to email users and advise them to change their password. The problem is that users tend to use the same password all over the web and should a hacker have access to both the username and password, they have access to wherever the user has used it.

    Assuming that the hacker can reasonably get 20% of the passwords, that's nearly 70,000 users of this community with potentially access to emails compromised.

    There's no stigma attached to advising users to change passwords, it happens all the time even to the big boys like adobe.
    Krayons likes this.

  9. #9
    Board Regular
    Join Date
    Sep 2016
    Location
    Canada
    Posts
    225

    Default Re: Recent Attack

    Quote Originally Posted by Kyle123 View Post
    RE the recent attack, was any data exposed? Should people be changing their passwords?
    To anyone reading this thread, considering the lack of information provided regarding the attack, I highly recommend and urge you to please change your password. If the password you use on MrExcel.com is used anywhere else, especially your email or any financial institutions, be sure to change those immediately.

    Most of the time, hackers don't attack websites for the "lulz". They are almost always after information; usually email addresses (so as to sell them) and passwords.

    I also cannot stress enough the importance of using strong passwords. LastPass is an amazing tool. With it, every single one of my accounts all use a unique 20 character password. (EG: &8y*^Ex4Zvk$&S!7A9nV) The odds of it being brute forced, are so astronomically small, that I have absolutely zero concerns as a result.

    Good luck.

    Edit:

    In lieu of this, I also cannot stress enough, how bad it is to actively display to the world, that MrExcel.com is using outdated vBulletin software. I also highly recommend that the admins remove the version number from appearing at the bottom of this website.
    Last edited by Krayons; Dec 8th, 2016 at 05:55 PM.
    HackSlash likes this.
    TIPS FOR FINDING EXCEL SOLUTIONS:

    1. Ask Google.
    2. Use the Search functionality on this board.
    3. A lot of VBA code can be acquired by using the Macro Recorder.
    4. Microsoft's Developer Network is your friend!

  10. #10
    Board Regular Kyle123's Avatar
    Join Date
    Jan 2012
    Location
    Leeds, UK
    Posts
    2,166

    Default Re: Recent Attack

    I'd just like to draw attention to this once again. All the usernames, passwords and email addresses from this attack have now turned up online. If you haven't changed your password yet, I urge you to do so (especially if it's used anywhere else)

Page 1 of 4 123 ... LastLast

Like this thread? Share it with others

Like this thread? Share it with others

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


DMCA.com