
Important Notice - Security Breach

Status
Not open for further replies.
Thanks guys for the notice, as well as the prompt action to the situation. And just thanks to everyone else who has made this a very helpful and informative forum.
 
Far more obvious, good job Tvic, now get some sleep, you probably haven't had any in the last few days.
 
It's gonna be a long night. XD
I shall change my passwords as soon as possible. Thank you AF for letting us know what was going on.

Now, to panic in an ordinarily fashion.
 
Guess I should be glad I used a throwaway email when I registered long ago. (well, one I use for signups but don't mind trashing should the need arise, so semi-disposable.)
 
Ehh, now I'm going to have to change some of my passwords on a few sites, going to start using randomly generated passwords (Generated by me :D) for every site now.
 
Thank you for letting the users know. I would start digging through the logs. It might take quite some time but would make it worthwhile seeing the hackers charged with criminal online activities in the long run! Don't spare your efforts as it could pay off later. Thank you one more time for letting us know and good luck!
 
Sometimes that's an error generated by our app trying to log in or other web confusion.

To see if it's that or something worse, please google: my ip

And compare to that found in that sort of email.

To Phases and the Neverstill Team - thanks for being never still on our protection!

Further to EM's post, keep in mind that you will have a separate IP when connecting over your mobile data connection, so make sure to check that one too.

So far we have not seen any of the login error emails that cannot be explained by our own devices logging in with the wrong password. We're more than happy to help people check their IP, however.



Wetbiker, I've edited out that IP from your post. It would appear that you are on a dynamic IP and the one you posted is from the range of IPs your internet provider usually provides you. So nothing to worry about there.





EDIT: Sorry for the false report fellas. Looks like it may have come from my phone. Looks like that 9 page report I was writing for school when all this happened must have fried my brain.

Evidently the last email I received after disconnecting Tapatalk was delayed and WAS from the Tapatalk app. Thanks for removing the IP address. I do appreciate it.:o:o
 
Sorry it took so long to reply to this post. I checked the IP before I posted it. It wasn't mine, it came from L.A., Ca. Thanks for the heads up though. ;)


Is your phone from the LA area? I live in a town in northern CA but when I got my phone I lived in another town in northern CA previously. I googled the ip address in the email and it was showing the ip address was from my previous town. But then I realized it was my phone and when I changed my password on the Phandroid app I stopped getting the login failed email.
 
Thank you for the heads up. It's not something a website wants to admit but the respect of your users is obvious by telling everyone rather than taking a wait-and-see approach to hide the embarrassment. (Not that you guys did anything wrong, just the fact it happened to you.)
 
Is your phone from the LA area? I live in a town in northern CA but when I got my phone I lived in another town in northern CA previously. I googled the ip address in the email and it was showing the ip address was from my previous town. But then I realized it was my phone and when I changed my password on the Phandroid app I stopped getting the login failed email.


I went ahead and checked again and it seems that the last email I received was because of the Tapatalk app even though I had wiped the data. The email was delayed evidently. Sooooo my dumbass posted a false report. I'm sitting here shaking my head right now because it didn't even cross my mind to check my phone's IP address since I had cleared the data from Tapatalk.

Thanks for pointing that out.

I need a break! This school work is frying my brain. lol :banghead:


SORRY FOR THE FALSE ALARM, PEOPLE.
 
hmmm dunno why people are posting thx tbh email account I use here is almost junk free or it was, how the hell did that happen..... and how can you guarantee it won't happen again...?

Int

EDIT: take it our usernames and IP addresses and profiles were compromised too?? PMs maybe too?
 
Seriously considering getting the owner to delete me from the SQL DB as I'm a member of a few forums "a couple I could understand hackers having a pop at" and it's the first time this has ever happened to me since the BBS days pre-forums....

Int
 
Am I the only one upset at having to (again) change all my forum and email passwords? We hear about hacking attempts all the time. The time to harden the servers was when you heard of other servers being compromised.... waaay before last week.

I'm seriously hoping this was a wake-up call and you'll be more pro-active going forward.

Congrats for keeping the server up and checking for malware, but IMO, there's room for improvement.
Tell that to the FBI, they're currently trying to imprison a British Citizen for the crime of finding out if he could hack into their servers by actually doing it. If they're fallible, then there's no hope for anyone.

Responsibility for security ALWAYS lies with the user AND the provider.

Personally I was forced to set up a more clever password system after my "usual" password got hacked on eBay (no real harm done) and I still used that password for all web forums up until yesterday (since there's little real damage anyone can do by posting as me). Thankfully, I have LastPass, so I have a handy list of which forums I haven't changed the password yet. There's no way I could remember hundreds of passwords, so a system is the only possibility.

In my case I use passW0rd%X where X is the first letter of the site I'm on. It's hardly uncrackable, unlike my Wifi password which is a 52-character string, but it'll stop casual hackers.
 
Seriously considering getting the owner to delete me from the SQL DB as I'm a member of a few forums "a couple I could understand hackers having a pop at" and it's the first time this has ever happened to me since the BBS days pre-forums....

Int

I assure you this most certainly isn't the first time this has happened since the BBS days, it happens all the time. Most places never tell the users about intrusions.

In fact, I'd bet most mid-moderately successful sites don't even know it happens to them. The hackers/spiders don't leave thank you notes behind (most the time :P). You have to have some pretty keen eyes and/or software to spot the clues sometimes.

Deleting your account won't make any difference at this point. Even so, no one can do anything (at least here) with a regular user account that can't be reversed. However, if you would like your account deleted, let me know.
 
A very well written and transparent post, Phases. Thanks go out to you and the rest of the team for your diligence on this issue.

The rapid response and quick updates on the status are much appreciated. Thanks again.
 
I have been getting this same message all day since I changed my password and finally realized it's my Phandroid that is trying to login with my old password. I updated my password on the app on my phone and it is all fixed now.

Beat me to it. It took me several hours and many, many emails from AF as I tried to figure out who was trying to hack my account from MY IP address.

Just curious. Are the passwords stored just hashed or salted as well?
 