-
February 14th, 2019, 23:51 #1
Data Breach, Gaming Sites Affected
If you needed another reason to use unique passwords on each and every website, here's another; https://techcrunch.com/2019/02/14/hacker-strikes-again/
A hacker who stole close to 620 million user records from 16 websites has stolen another 127 million records from eight more websites, TechCrunch has learned.
Problems? See; How to Report Issues, Bugs & Problems
On Licensing & Distributing Community Content
Community Contributions: Gemstones, 5E Quick Ref Decal, Adventure Module Creation, Dungeon Trinkets, Balance Disturbed, Dungeon Room Descriptions
Note, I am not a SmiteWorks employee or representative, I'm just a user like you.
-
February 15th, 2019, 00:09 #2Roll20, a gaming site, had 4 million records listed
-
February 15th, 2019, 01:08 #3
What gets me is that according to that article is one/some of the websites (unspecified) stored the passwords in plaintext. That, imo, should be criminal. No wonder Europe has implemented the GDPR, I hope everyone else follows.
Problems? See; How to Report Issues, Bugs & Problems
On Licensing & Distributing Community Content
Community Contributions: Gemstones, 5E Quick Ref Decal, Adventure Module Creation, Dungeon Trinkets, Balance Disturbed, Dungeon Room Descriptions
Note, I am not a SmiteWorks employee or representative, I'm just a user like you.
-
February 15th, 2019, 01:23 #4
Some interesting info, Under Armour announced the Breach March 29th of last year. https://www.uabiz.com/news-releases/...easeID=1062368
Anoimoto on July 10th; https://techcrunch.com/2018/08/20/an...location-data/
Houzz on Feb 4th; https://help.houzz.com/s/article/sec...language=en_US
px500 on Feb 13th and the breach was from July 2018; https://techcrunch.com/2018/08/20/an...location-data/
Coffee Meets Bagel and Roll20 just acknowledged it today; https://techcrunch.com/2019/02/14/ha...e-meets-bagel/ & https://app.roll20.net/forum/post/72...ecurity-breach
What I wonder, is why some of the sites knew about it before it was publically announced, and why others did not. I suspect that's because some do regular security audits and others don't. But, maybe someone more familiar with security can shed more light?
Problems? See; How to Report Issues, Bugs & Problems
On Licensing & Distributing Community Content
Community Contributions: Gemstones, 5E Quick Ref Decal, Adventure Module Creation, Dungeon Trinkets, Balance Disturbed, Dungeon Room Descriptions
Note, I am not a SmiteWorks employee or representative, I'm just a user like you.
-
February 15th, 2019, 01:27 #5
the breaches are unlikely to have all happened on the same day.
and there is as you suggest a widely varying difference in businesses ability to detect these things...
-
February 15th, 2019, 03:46 #6
Roll20's announcement to users:
https://app.roll20.net/forum/post/72...ecurity-breach
-
February 15th, 2019, 15:47 #7
Just some food for thought here and to ease people's minds:
- Passwords are hashed in our system and we can't recover them, we can only reset/replace them
- Our system stores emails, forum posts, blogs and purchase history.
- Our system does not store any financial data for customers or customer addresses. Those are all offloaded to PayPal and don't enter our system at all. Even monthly subscriptions are billed directly from PayPal and not from our end.
- Steam handles all payment, financial and other information for customers on Steam. We only get enough info to link a purchase to an account here.
- We contract out to a firm to regularly review and patch our servers and we apply the latest forum software updates for the stable version we are working with
- We maintain and archive server access and error logs that we periodically review with our outside contractor
- We utilize Cloudflare as an extra layer of protection on top for protection against a wide array of attacks
I do encourage people to use different passwords for different sites.Last edited by ddavison; February 15th, 2019 at 15:52.
-
February 15th, 2019, 15:52 #8
Thank you very much for the info, we all appreciate your efforts at keeping our info safe.
For support with any of my extensions, visit my #mattekure-stuff channel on Rob2e's discord https://discord.gg/rob2e
-
February 15th, 2019, 17:17 #9
Thanks for the info Doug. FYI, I wasn't fishing for a response from you, but do appreciate it!
Problems? See; How to Report Issues, Bugs & Problems
On Licensing & Distributing Community Content
Community Contributions: Gemstones, 5E Quick Ref Decal, Adventure Module Creation, Dungeon Trinkets, Balance Disturbed, Dungeon Room Descriptions
Note, I am not a SmiteWorks employee or representative, I'm just a user like you.
-
February 15th, 2019, 22:39 #10
- Join Date
- Jun 2013
- Location
- Isanti, MN
- Posts
- 2,922
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Bookmarks