Author

Topic: Forum security breach ? (Read 1099 times)

newbie
Activity: 4
Merit: 0
May 27, 2015, 04:46:18 AM
#17
LET US REMOVE OUR ACCOUNTS !!!

Update:

Ok, now i changed my mailadress to a throw away temponary-one, and my password to password...

- but ACC Delete would be much better... - i mean: what if people, who wanna be deleted, start offend people and linking porn here, just to be deleted ?

This here should not be a prison for parts of personal data - when people like to bury them, let them do it ! - Not, cause a law says , but because the people  are the one who make those laws... - Users are people too !
legendary
Activity: 2058
Merit: 1462
May 26, 2015, 08:45:04 PM
#16
Did some homework and I'm back with disheartening news. According to several posters in the Meta Section, it seems like there is no way to delete your own account nor to get it deleted. The best advice given is to change all your account details and walk away. This is, my opinion an unacceptable alternative, especially in the face of a hack like the one the forum just experienced.

Source: https://bitcointalksearch.org/topic/disable-account-in-the-forum-1068627

you know if thats true then this place breaks EU law. "the right to be forgotten" its the same law that force facebook to add a delete button... just saying Smiley

as for deleting account remove all info and delete anything you dont want people seeing. randomly generate a long ass password and leave the account
the forum operates outside of the EU, so I doubt anything will happen.
legendary
Activity: 1554
Merit: 1002
May 26, 2015, 07:11:38 PM
#15
Did some homework and I'm back with disheartening news. According to several posters in the Meta Section, it seems like there is no way to delete your own account nor to get it deleted. The best advice given is to change all your account details and walk away. This is, my opinion an unacceptable alternative, especially in the face of a hack like the one the forum just experienced.

Source: https://bitcointalksearch.org/topic/disable-account-in-the-forum-1068627

you know if thats true then this place breaks EU law. "the right to be forgotten" its the same law that force facebook to add a delete button... just saying Smiley

as for deleting account remove all info and delete anything you dont want people seeing. randomly generate a long ass password and leave the account
newbie
Activity: 1
Merit: 0
May 26, 2015, 03:11:28 PM
#14
I recvd the same email, then i get an email from cryptsy saying there has been a failed ateempt at my password.

Luckily theyre different.
newbie
Activity: 1
Merit: 0
May 26, 2015, 02:43:33 PM
#13
Yeap i just now received E-mail how my e-mail & account have been breach. Jeez thanks a lot. So i always been right humanity stinks to high heaven
newbie
Activity: 3
Merit: 0
May 26, 2015, 12:49:27 PM
#12
I got the same message today, and I never use bitcoin, and for some idiotic reason, I can not find a way to delete my forum account, nor is there any way to contact anyone about it. I've been to my account settings, but there is no option to 'delete account' there. This is stupid, imo.
legendary
Activity: 3066
Merit: 1147
The revolution will be monetized!
May 26, 2015, 10:22:30 AM
#11
If you want to get rid of your account I think you will have to delete your posts one by one, then set your password to an impossibly long one and forget it.
newbie
Activity: 3
Merit: 0
May 26, 2015, 10:19:27 AM
#10
 Huh

Can't remember my password to change it and the reminder button, it does nothing.

I'd like to just delete my account and start over with a new one (not on these boards that often).

Got my first spam moments ago.  Embarrassed
newbie
Activity: 3
Merit: 0
May 26, 2015, 10:02:05 AM
#9
Did some homework and I'm back with disheartening news. According to several posters in the Meta Section, it seems like there is no way to delete your own account nor to get it deleted. The best advice given is to change all your account details and walk away. This is, my opinion an unacceptable alternative, especially in the face of a hack like the one the forum just experienced.

Source: https://bitcointalksearch.org/topic/disable-account-in-the-forum-1068627
newbie
Activity: 2
Merit: 0
May 26, 2015, 09:59:08 AM
#8
Another security breach stole my random password and alt email scary.
newbie
Activity: 3
Merit: 0
May 26, 2015, 09:46:43 AM
#7
I agree with Jeff. I would like to delete my account, could someone provide instructions on how to do so? I saw no such option under the profile section of the site.

Thanks
newbie
Activity: 11
Merit: 0
May 26, 2015, 09:30:36 AM
#6
I don't want my account here any more.  Could you please delete my account?  Or send me an email with instructions to do it.  I don't see any way of doing it myself.

Thanks
newbie
Activity: 4
Merit: 0
May 26, 2015, 09:20:23 AM
#5
 Angry Angry Angry Angry Angry

i didnt remember my password - but i think this forum here, will be attacked more and more, so i wanna leave it... - how can i delete my profile ? (to get out of the attack line.... I dont need more pishing shit on my emailadress !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
legendary
Activity: 4382
Merit: 9330
'The right to privacy matters'
May 26, 2015, 09:02:19 AM
#4
@ op  I just spent 2 days changing passwords  on 100+ sites.   I am not done and need to pm Theymos about my main account (this one) later today.



@ danny h

I no longer have a paid signature.  As I have decided Danny H. has a good point about paid signatures
legendary
Activity: 910
Merit: 1000
May 26, 2015, 08:59:55 AM
#3
In case you haven't read it yet, you should take a look at theymos's official report on the incident on https://bitcointalksearch.org/topic/about-the-recent-server-compromise-1067985.

Vod reported getting a spam email, so it is likely the email address list has already been sold. Sad
Received my first spam email last night.   Embarrassed

legendary
Activity: 3528
Merit: 4945
May 26, 2015, 08:33:17 AM
#2
I received this ...  from

Return-Path: <[email protected]>
Received: from bitcointalk.org (node-186-2-165-183.reverse.x4b.me. [186.2.165.183])

=> Huh All infos from the server are in wild ?

Possibly.

At least the following:

Quote
- Email address
 - Password hash
 - Last-used IP address and registration IP address
 - Secret question and a basic (not brute-force-resistant) hash of your
 secret answer
 - Various settings
legendary
Activity: 1110
Merit: 1000
May 26, 2015, 08:30:50 AM
#1
I received this ...  from

Return-Path: <[email protected]>
Received: from bitcointalk.org (node-186-2-165-183.reverse.x4b.me. [186.2.165.183])

=> Huh All infos from the server are in wild ?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

You are receiving this message because your email address is associated
with an account on bitcointalk.org. I regret to have to inform you that
some information about your account was obtained by an attacker who
successfully compromised the bitcointalk.org server. The following
information about your account was likely leaked:
 - Email address
 - Password hash
 - Last-used IP address and registration IP address
 - Secret question and a basic (not brute-force-resistant) hash of your
 secret answer
 - Various settings

You should immediately change your forum password and delete or change
your secret question. To do this, log into the forum, click "profile",
and then go to "account related settings".

If you used the same password on bitcointalk.org as on other sites, then
you should also immediately change your password on those other sites.
Also, if you had a secret question set, then you should assume that the
attacker now knows the answer to your secret question.

Your password was salted and hashed using sha256crypt with 7500 rounds.
This will slow down anyone trying to recover your password, but it will
not completely prevent it unless your password was extremely strong.

While nothing can ever be ruled out in these sorts of situations, I do
not believe that the attacker was able to collect any forum personal
messages.

I apologize for the inconvenience and for any trouble that this may cause.
-----BEGIN PGP SIGNATURE-----

iF4EAREIAAYFAlVhiGIACgkQxlVWk9q1keeUmgEAhGi8pTghxISo1feeXkUMhW3a
uKxLeOOkTQR5Zh7aGKoBAMEvYsGEBGt3hzInIh+k43XJjGYywSiPAal1KI7Arfs0
=bvuI
-----END PGP SIGNATURE-----
Jump to: