
Important Notice - Security Breach

To those who are still receiving the emails about someone trying to access your account, PLEASE, PLEASE, go to Google Play and download the free app Network Info II. Once you launch it, touch IP at the top of the screen and it will obtain your external IP address. This is the IP address used by your internet service provider. You will most likely find that this is the same IP address trying to access your account.

Googling 'My IP' from your phone/PC will show you it too, at the top of the results.

Also worth noting is that your wireless router and your mobile data connection have different IP addresses.
 
Thanks for being on top of this so quickly! I just received an email from Nvidia about the very same thing on their forum passwords so I need to change another one shortly as well.
 
Glad I read this thread before freaking out lol. I had attempts of someone logging into my account and if I had not read this thread letting me know it was the app on my phone that was continuing to try and log in I would be in a little paranoid ball in a corner. Although, I might have figured it out by the IP address being used as well, which I also checked after reading this thread.

I have to thank cNet for the heads up on this one.
 
That post was directed at djb28, as he posted his IP too (although I edited it out).

Did you PM the IP from your email to one of the other moderators to check? I didn't get it and don't see any reports from you.

I must have pushed a wrong button. :) I went to the CONTACT page and sent an email. It would have been from my gmail account. Basically I just wanted to verify that the emails were coming from you, so you can ignore it.

Thanks mamawm! The IP address in the emails that were sent is my external address.
 
Oh damn how much I hate you guys now.

I only registered on these forums because of your "greed" policies - hiding info and download links from unregistered users.

Not only do you lock up information posted on your forums (kudos to the android openness spirit), you also don't bother patching the forums against known exploits.

But hey, thank you for leaking my info to spammers / thieves. Luckily I use separate passwords for public forums and my main sensitive accounts.

And I find out about this from major news sites? I guess you didn't bother sending a mass email to your user list either.

Lesson of the day - don't make people register if you are amateurs in security.
You are correct. The pathetic "whoops, we're idiots" apology isn't enough! Thanks for giving the spammers my email address. Do you have 2-factor authentication? Do you have a "strength meter" on your passwords? If Bank of America or American-Express had done this...do you think "whoops" would be enough?! Stop thinking your site is safe. Get professionals to audit your system, and stop the "once I get in the front door, I can do anything" mentality you run your site with.
 
You are correct. The pathetic "whoops, we're idiots" apology isn't enough! Thanks for giving the spammers my email address. Do you have 2-factor authentication? Do you have a "strength meter" on your passwords? If Bank of America or American-Express had done this...do you think "whoops" would be enough?! Stop thinking your site is safe. Get professionals to audit your system, and stop the "once I get in the front door, I can do anything" mentality you run your site with.

Holy Jeez. I've lived through 2 hack attacks on a large financial system we ran with more security than I've been through before and the hackers still got in.

There's no such thing as an impervious system - we get the site for free and you get all ungrateful about just how quickly they turned this thing around?

I don't think you have the first clue as to how hard it is to run a secure website.

Things wouldn't be so bad if users practiced safe security but they don't, and, as a result, people find other accounts compromised as a result.

Stop whining and be thankful the admins worked as diligently as they did. My hat's off to Phases and his team for an excellent job well done.
 
There's no such thing as an impervious system - we get the site for free and you get all ungrateful about just how quickly they turned this thing around?

Stop whining and be thankful the admins worked as diligently as they did. My hat's off to Phases and his team for an excellent job well done.

They worked diligently to contain the breach and secure admin accounts, but I have to agree with some other posters that an email should have been sent out to users. It's been 3 days now and I just found out about it via a completely different site.

In my case, it's not a huge deal because I use a different long/secure randomly generated password for every site so there's no way they could decrypt it in 3 days, and even if they did they couldn't do much of anything with it...

But you KNOW there are people out there that don't visit the site every day and use the same password for multiple sites. A quick email blast about the intrusion would have gone (and would still go) a long way toward helping mitigate possible damages.
 
No, it wasn't me, and no I'm not mad at anyone here. :smokingsomb:

:D

Meanwhile, I just got a screen obscuring "phandroid" ad, the content being (copy/paste quote):

]o 0 ' ?xL"W + 8 Mi @ v1 5N Ab N U b\ C s $ I U t B) " $ N1 Xn ] E%K Sh @ lt I^ ; 3 VL w! ⑇ 1 ؉ Se
 
There's no such thing as an impervious system - we get the site for free and you get all ungrateful about just how quickly they turned this thing around?

Somewhat correct.

The fallacy in your logic though, is that the breach was through a "known exploit". That's an administrative failure, plain and simple. You patch a known exploit before it is used, and not put it off until damage is done. Site administrators should be checking daily for patches and issuing those patches immediately.

After the breach, the administrators should have notified every registered user immediately. Not to do so is irresponsible and lazy.

Your argument that since the forums are provided as a free service is unfounded. Requiring personal and sensitive information to use the free service also places a reasonable assumption of obligation and responsibility upon the service provider to react, mitigate, and inform. An "oopsie, protect yourself!" statement does not fulfill that obligation.

Every single registered user should have been notified immediately. I can't believe a mass notification STILL hasn't been sent. I'm sure there are still many users who aren't yet aware of the breach.

[edit] Forgot to mention.. If for whatever reason a mass email couldn't be sent (doubtful), all user logins should have been suspended until after an important MOTD was read, and the user forced to change their password.
 
Like I say, I've lived through this - and millions of dollars were at risk. We had two factor authentication in place and patches deployed on all servers on a regular basis. We were diligent. We worked hard. It still happened. And you cannot begin to imagine the grief and heartache we went through investigating the incident.

Until you've experienced this you cannot even begin to fathom what it's like on the other end. The fact that the admins took whatever action they did and contained it is to be commended.

Yeah, it's crappy it happened. Yeah it's a pain in the arse. Yeah it sucks. But like it or not, it IS a free site. It's hard to keep your eye on the ball 24/7 when you run a site like this. We had oodles of eyes on servers and the buggers still broke through.

As for notifications, there could be any # of reasons why they were not sent out. I've been in situations where my accounts were compromised and more data potentially stolen and I've still to receive official notification from at least one of them.
 
If I try to change the password I just get a database error and invalid token error???

The change worked but there is obviously a problem as I got a database error page when posting this message!
 
Somewhat correct.

The fallacy in your logic though, is that the breach was through a "known exploit". That's an administrative failure, plain and simple. You patch a known exploit before it is used, and not put it off until damage is done. Site administrators should be checking daily for patches and issuing those patches immediately.

Phases did not mention any kind of previously known exploit. What he did say was that the exploit had been identified after the fact.

Phases said:
- The exploit used has been identified and resolved.
 
The fallacy in your logic though, is that the breach was through a "known exploit". That's an administrative failure, plain and simple. You patch a known exploit before it is used, and not put it off until damage is done. Site administrators should be checking daily for patches and issuing those patches immediately.

After the breach, the administrators should have notified every registered user immediately. Not to do so is irresponsible and lazy.

Where did you get that it was a "known exploit"? All I have seen said that they know how it was done, and remedied that exploit immediately.

From the OP:
Phases said:
- The exploit used has been identified and resolved. The server has been further hardened and extra "just in case" actions have been taken.. and will continue to be taken.
 
I came here by accident while looking for something but would have appreciated an email informing me of the breach. I don't understand why this can't be done. I would have come and changed my password immediately, not a few days later.
 
Phases did not mention any kind of previously known exploit. What he did say was that the exploit had been identified after the fact.



Where did you get that it was a "known exploit"? All I have seen said that they know how it was done, and remedied that exploit immediately.

From the OP:
The original post has been edited. At one point it specifically stated "unknown intruders using a known exploit". Believe who you will, but the original statement has been posted around the Web.

Regardless.. The damage control was mishandled.
 
Where did you get that it was a "known exploit"? All I have seen said that they know how it was done, and remedied that exploit immediately.

From the OP:

A press release on slashdot.org said it was a known exploit:
"Phandroid's AndroidForums.com has been hacked. The database that powers the site was compromised and more than one million user account details were stolen. If you use the forum, make sure to change your password ASAP. From the article: 'Phandroid has revealed that its Android Forums website was hacked this week using a known exploit. The data that was accessed includes usernames, e-mail addresses, hashed passwords, registration IP addresses, and other less-critical forum-related information. At the time of writing, the forum listed 1,034,235 members.'"

And to be honest it could have been up to a day before we were notified, Phases' own words:
"I have some unfortunate news to pass along. Yesterday I was informed by our server/developer team that the server hosting androidforums.com was compromised"

Just passing that along because you asked.
 
A press release on slashdot.org said it was a known exploit:
"Phandroid's AndroidForums.com has been hacked. The database that powers the site was compromised and more than one million user account details were stolen. If you use the forum, make sure to change your password ASAP. From the article: 'Phandroid has revealed that its Android Forums website was hacked this week using a known exploit. The data that was accessed includes usernames, e-mail addresses, hashed passwords, registration IP addresses, and other less-critical forum-related information. At the time of writing, the forum listed 1,034,235 members.'"

I don't know where they've got that from because Phases doesn't mention "known exploit" in any of the edits. :confused:
 
The original post has been edited. At one point it specifically stated "unknown intruders using a known exploit". Believe who you will, but the original statement has been posted around the Web.

I found that slashdot article you said that you read, which includes the exact quote you mentioned. They took that quote from a zdnet article, which cites its source as our Phandroid article, which quotes Phases' post in its entirety as you see it now. Clearly zdnet have misrepresented the situation.

Having checked the edit log on Phases' post, that paragraph has not been edited whatsoever since the first draft.

It's an unfortunate situation, certainly. And I'm pretty annoyed too, to be honest (don't forget, I'm not being paid to be biassed here, nor being paid whatsoever :p). But please, let's not misrepresent the situation by believing a third hand account of the problem rather than the quote from the site's administrator.
 
Well, it's unfortunate that you guys have to spend your time on such events. Seems that as long as there is an available internet connection, we are forced to deal with such nuisances in our environments.

Loved the thorough post of the notification, and you guys do a great job with the information you provide on this site, and are very effective with handling all posts and requests.

I am a fan of this site.
 
Thank you for the notification and quick response. Unfortunately these things happen. There is no such thing as a hacker proof site. I'm sorry there are so many lazy people on this site though. This thread would be only half as long if it weren't for the people who couldn't be bothered to read through the thread or search and asked "are passwords salted and/or hashed" over and over and who reported the "x amount of attempts to log in to my account what gives?" OVER and OVER. You admins must have the patience of saints to put up with it.
 
Thank you for the notification and quick response. Unfortunately these things happen. There is no such thing as a hacker proof site. I'm sorry there are so many lazy people on this site though. This thread would be only half as long if it weren't for the people who couldn't be bothered to read through the thread or search and asked "are passwords salted and/or hashed" over and over and who reported the "x amount of attempts to log in to my account what gives?" OVER and OVER. You admins must have the patience of saints to put up with it.

Thank you for your kind words towards the folks that are dealing with this issue. They really had done a stand up job. Having had my SSN stolen a few times via companies like Disney and TJX I appreciate the level of detail, the timeliness, and honesty about what happened and what they have implemented.

As someone who has answered questions about login attempts again and again I can say I don't mind answering at all. This is/was a serious issue and folks are concerned not only for their own security, but for the security of AF, which is very thoughtful.

When I had the issue occur to me, it was very rapid fire (2 devices with three different forum apps all trying to connect). Reading through pages of "Good Job guys" and "you're idiots" to find the solution is not as quick, or efficient, as simply asking again as someone will point out the solution and put that member's mind at ease.
 