Now, I'm not speaking for Zygor since I don't know what kind of setup he has, but it's possible that Zygor doesn't even know yet what may or may not have been compromised. I believe you can count the entire Zygor team on one hand, and I think only one of them does the webmaster stuff. It might take him some time to figure out what exactly happened.
-
My Flight Path Follies guide
A pessimist knows all women are bad... an optimist hopes they are.
I reject your reality and substitute my own.
All foreign languages are done with Google Translate. -
No doubt... which is exactly why they should inform customers sooner rather than later.Originally posted by cabby View PostComment
-
The most important information is if the forum passwords are stored encrypted in a secure way. If they are the only thing that has been stolen are nicknames and mail addresses.Comment
-
I tested the encryption of the passwords by using the "Forgot the password" feature.
I expected a new random generated password in my email, but guess what I got my password in PLAIN TEXT back form Zygor.
This means that Zygor is NOT ENCRYPTING our passwords!!
or at best case has a 2 way encrypting of the password.
The best (and only) way of securing passwords is to use one way encrypting.
If the hackers got hold of the password file/field, they have our passwords!
PS: I also got the SPAM email.-->>PETTER<<--Comment
-
did some digging, the good news is that vbulletin password is encrypted so it is not likely that hacker would be able to use our passwords, and what they have is probably our names, username and email.
But I'm no expert, would like some confirmation.
Notifying customers would still be appropriate, as they can do a more personalized phishing attempts, like fake Zygor emails to get your password which will probably work well since customers don't expect it.Comment
-
I got this email also, and I got it before I had a single post on the thread.Comment
-
WTB [Update From Zygor]Comment
-
Firstly, we apologize for this compromise of our system. We understand this information is important to you and we are doing our absolute best to make sure it is better protected.
Rest assured that our heads are not in the sand, this issue is our top priority. We are actively working with multiple web security experts to find out what exactly happened, when it happened, what information was obtained, and what needs to be done so that this does not happen again.
If user passwords are confirmed in having been compromised, we will issue a password reset for all users. Once we have more information, you will be the first to know.
Stay tuned.Become a Fan of Zygor Guides on Facebook:
http://www.facebook.com/zygorguides
Follow Zygor Guides on Twitter:
http://twitter.com/zygorguidesComment
-
Thank you for the update, Zyg.
It's appreciated, hopefully you can find out quickly so the community can be safe.
Do you have any legal grounds for suing said company who the users the email since it would seem to me they are the ones who hacked into the site or purchased the info from someone who did.Comment
-
I think that would be pretty hard to do because for it to be a successful lawsuit you'd have to prove that the company used the information knowing it was stolen. I think probably the best route would be to hand it over to the authorities for them to prosecute whoever stole the information.My Flight Path Follies guide
A pessimist knows all women are bad... an optimist hopes they are.
I reject your reality and substitute my own.
All foreign languages are done with Google Translate.Comment
-
That would explain why I got the following email:
I removed the link as there's no need to advertise for them.Let's face it Bomyne, sometimes, World of Warcraft is boring. Leveling, and farm golds for hours to be able to play in high-level dungeons is time consuming.
Why not having a great time with your friends while your char playing by itself ?
With our tools you can skip the boring content like griding, levelling and quests you have done 100x times ! Press the start button and your toon start playing by itself, for hours, griding, leveling, repair, send to your mule, and even more...
If you want more fun, you can use Whack to gain an unfair advantage on others players, you can fly without flying mount, going under the map, walk on water... with any class, at any level. Now you can track other players, mobs, climbing the highest mountains with ease...
And the bast part, all our tools are undetectable by the World of Warcraft anti-cheating tool, so called "Warden". Monitored by our servers 24h/24, 7/7, it have been defeated, completely harmless...
Undetectable,
Full background support, it play while using your computer,
Repair, restock, mail items,
Custom classes,
Full open API for developers, with warden protection,
Integrated cheating software*
Even more, this is just a teaser
Have a look on our website for videos and more :
http://www.<removed>.euComment
-
Well, the names they used on the email were usernames on this forums and not real names. That should have made them suspicious if it were not them that obtained it.Originally posted by cabby View PostComment
-
*Update*
We have identified how the intrusion occurred, as well as what needs to be done to fix the security holes. We've also identified a few things we will be doing to further increase the security of our website and better protect customer information.
We are now working to put all the protection into place and hope to have that completed within the next day or so. Once all that is done, we will issue password resets for all members.
Thank you for your patience as we work to get this issue resolved.
Stay tuned.Become a Fan of Zygor Guides on Facebook:
http://www.facebook.com/zygorguides
Follow Zygor Guides on Twitter:
http://twitter.com/zygorguidesComment
Working...
Comment