Status
Not open for further replies.

Addressing the recent user account hack scare

Dear GBAtemp members and visitors,

It has come to our attention that over the past two days, a person has somehow been able to access a few user accounts on our forums. Shortly after, rumors started blossoming regarding a possible site/forum/database hack or a password leak. After an extensive search into server logs and lookup tools we have no reason to believe that any part of our site has been compromised.

At this point, as several people have suggested already, we believe that the reason this intrusion happened is because another site (an illegal ROM/ISO download site) was recently hacked and the password database was exposed to the public. Since a portion of our members was also registered on that site, possibly using the same password, this could explain the recent scare.

Even though we have no reason to believe our site has been compromised, we have taken a series of measures to reinforce account security on GBAtemp. Firstly, we have reviewed security on the server and all components of our site to make sure everything is up to date and secure. Some components of the forum software have been updated and following this update, one or two add-ons have ceased functioning. If you see anything that isn't working as expected, please use our Site discussions and suggestions forum to report the issue.

At this point, we recommend all our members to change their password and enable two-factor authentication. We are sending out e-mails to all our members to inform them of this situation and to recommend them to change their password. We strongly recommend using a unique and complex password, not just here but on every site you are registered to.

If you have any information that may help us get a better grasp on the situation, please get in touch with a member of the staff. Thank you for your understanding!

The staff
 
So, if my password on that one ISO site was different from the password that I have here on GBATemp, I am not in risk of getting my account compromised, right?

Sent from my SAMSUNG-SM-G850A using Tapatalk
 
The most I heard, it was one of those pirate-y sites. The only one I can think of is snip since it's the most popular. If you have any pirate accounts, just change all of 'em to be safe.

It would just be nice if someone said the actual name of the site that was hacked. Nobody here really believes that GBAtemp doesn't help facilitate piracy, do they? I mean I would guess that probably 75% of the people in the Wii U section are there to find out how to pirate games directly from Nintendo.

I don't really pirate games but it's entirely possible I have an account where the breach happened from the past...
 
I'd suggest people start using a password manager of some kind which supports a password generator.

It may make life a bit harder, but at least it reduces the risk of a hacked site causing worse issues elsewhere.
Agreed.
I use KeePass2. Has done me nothing but good in the long run.
 
Allow me this chance to link to http://haveibeenpwned.com . Enter your username or an email to see if you've been hacked. Also has a notify option.

(Verified safe by Reddit admins.)

Apparently I was somehow breached in snapchat, what? I don't even have an account on there :blink:
 
Allow me this chance to link to http://haveibeenpwned.com . Enter your username or an email to see if you've been hacked. Also has a notify option.

(Verified safe by Reddit admins.)
CumbersomeDorkBurp

I'm honestly shocked.
 
There are no know Xenforo exploits, so if here was been compromise it was at the login or server level.
 
Allow me this chance to link to http://haveibeenpwned.com . Enter your username or an email to see if you've been hacked. Also has a notify option.

(Verified safe by Reddit admins.)
lol I'm pwned all over the place, its mostly on hax sites. Glad I use a different password for each site.
 
Last edited by Thomas83Lin,
Allow me this chance to link to http://haveibeenpwned.com . Enter your username or an email to see if you've been hacked. Also has a notify option.

(Verified safe by Reddit admins.)
So I've been pwned on 7 breached sites but no pastes thankfully. I'll bet that one of those was Sony Entertainment.

LastPass is very useful to alert if there's something off and so is Gmail.
 
  • Like
Reactions: Deleted User
Status
Not open for further replies.

Site & Scene News

Popular threads in this forum