Data Security Update 1/4/2019

Announcements made here about the game and the company.

Re: Data Security Update 1/4/2019

Postby shapesifter13 » Wed Jan 09, 2019 2:26 pm

Malfoydragon wrote:
Malfoydragon wrote:Has the malware, the hackers, and all traces of the hackers been removed?


I'd like a clear answer from staff on this please, because I changed my password to a temporary password, if everything is removed I can create a permanent password for this account.


We believe we have fixed all the holes, but we are having a security firm audit everything currently. Once they gives us the all clear we will be making every user change their password with a new force password reset feature we are working on.
shapesifter13
Developer
Developer
 
Posts: 4681
Joined: Fri Jan 02, 2015 4:55 pm

Re: Data Security Update 1/4/2019

Postby mdb1023 » Wed Jan 09, 2019 5:24 pm

Dammit I already changed my password. Can I change it and then change it back to what I have now?
Discord: Finn#5059

http://www.twitch.tv/mikeakafinn?sr=a

Do you like Mafia? You'll love Survivor, and and we're hosting games of them all the time! It's super easy to join and learn how to play, and the best part is- it's all on discord! Join the Finnvivor discord server to see when signups for a new game go up! Click here to join the server or DM me on discord for details! !
User avatar
mdb1023
Serial Killer
Serial Killer
 
Posts: 2127
Joined: Mon Mar 30, 2015 2:45 pm
Location: At work, rehearsal, or finishing whatever I pushed off to the last minute this time.

Re: Data Security Update 1/4/2019

Postby danzho55 » Wed Jan 09, 2019 9:46 pm

If my account was linked to my steam account, does that mean my steam info is compromised aswell? Also, since I forgot my old password a year ago, I've been resetting my password and just logging in with the password that was sent to my email. If I never bothered to update my password, does that mean they don't have my original password?
danzho55
Newbie
Newbie
 
Posts: 1
Joined: Sun Dec 20, 2015 9:05 pm

Re: Data Security Update 1/4/2019

Postby Jerme » Wed Jan 09, 2019 10:59 pm

danzho55 wrote:If my account was linked to my steam account, does that mean my steam info is compromised aswell? Also, since I forgot my old password a year ago, I've been resetting my password and just logging in with the password that was sent to my email. If I never bothered to update my password, does that mean they don't have my original password?

No Steaminfo was taken as far as I've seen, as only the forum DB was breached instead of the one of the game (in which only your Steam ID is saved in). Thus the hackers do not have gotten any Steaminfo on that (or onyl the email if you use the same for Steam and ToS). Only the hash of the passwor was taken, so with work they could decode it, but this cna take a while to be done.
Disclaimer: I try to abide by the game's softfilter and use the appropriate replacements, when I am using the forums. Those will be set in brackets. Example: [tarnation]
Visit my role suggestions and give me feedback: http://www.blankmediagames.com/phpbb/viewtopic.php?f=27&t=28949

Visit the Testing Grounds
Occupation: A developers pain and joy (QA-fox), currently "hired" by Ralozey
User avatar
Jerme
Global Moderator
Global Moderator
 
Posts: 28197
Joined: Thu Apr 30, 2015 2:09 pm

Re: Data Security Update 1/4/2019

Postby Jerme » Thu Jan 10, 2019 11:33 am

Gutten wrote:Considering you are sending out plain text passwords through emails, I’d say you deserve what’s coming to you.

That password is supposed to be one use only in order to have it changed.
Disclaimer: I try to abide by the game's softfilter and use the appropriate replacements, when I am using the forums. Those will be set in brackets. Example: [tarnation]
Visit my role suggestions and give me feedback: http://www.blankmediagames.com/phpbb/viewtopic.php?f=27&t=28949

Visit the Testing Grounds
Occupation: A developers pain and joy (QA-fox), currently "hired" by Ralozey
User avatar
Jerme
Global Moderator
Global Moderator
 
Posts: 28197
Joined: Thu Apr 30, 2015 2:09 pm

Re: Data Security Update 1/4/2019

Postby Phone0Ix » Thu Jan 10, 2019 11:54 am

shapesifter13 wrote:
Malfoydragon wrote:
Malfoydragon wrote:Has the malware, the hackers, and all traces of the hackers been removed?


I'd like a clear answer from staff on this please, because I changed my password to a temporary password, if everything is removed I can create a permanent password for this account.


We believe we have fixed all the holes, but we are having a security firm audit everything currently. Once they gives us the all clear we will be making every user change their password with a new force password reset feature we are working on.

Can you give a warning a week before the reset? Because I'm still afraid my friend will use their account with the password reset. In that way my friend can contact the admins when emails to your team are stopped being about the breach and he can contact you to get to change their email
Call me Phone Ig

Or Silver because of my old discord name. Or Mikan because of my new discord name. Or Julian as that's my actual name
User avatar
Phone0Ix
[Forum Mafia XVII] Winner
[Forum Mafia XVII] Winner
 
Posts: 429
Joined: Sun Jul 24, 2016 11:00 am
Location: The Netherlands

Re: Data Security Update 1/4/2019

Postby TurdPile » Thu Jan 10, 2019 12:05 pm

Phone0Ix wrote:
shapesifter13 wrote:
Malfoydragon wrote:
Malfoydragon wrote:Has the malware, the hackers, and all traces of the hackers been removed?


I'd like a clear answer from staff on this please, because I changed my password to a temporary password, if everything is removed I can create a permanent password for this account.


We believe we have fixed all the holes, but we are having a security firm audit everything currently. Once they gives us the all clear we will be making every user change their password with a new force password reset feature we are working on.

Can you give a warning a week before the reset? Because I'm still afraid my friend will use their account with the password reset. In that way my friend can contact the admins when emails to your team are stopped being about the breach and he can contact you to get to change their email


He can change his account's email directly from the forums at any time.
I have mostly rescinded my role as Admin.

All previous contact should instead be redirected to Flavorable.

If your inquiry doesn't directly have to do with Trial 2.0 or TrialBot, then please refrain from messaging.

Thank you.
User avatar
TurdPile
Vampire
Vampire
 
Posts: 8900
Joined: Tue Feb 11, 2014 10:25 am
Location: Massachusetts

Re: Data Security Update 1/4/2019

Postby Phone0Ix » Thu Jan 10, 2019 1:37 pm

TurdPile wrote:
Phone0Ix wrote:
shapesifter13 wrote:
Malfoydragon wrote:
Malfoydragon wrote:Has the malware, the hackers, and all traces of the hackers been removed?


I'd like a clear answer from staff on this please, because I changed my password to a temporary password, if everything is removed I can create a permanent password for this account.


We believe we have fixed all the holes, but we are having a security firm audit everything currently. Once they gives us the all clear we will be making every user change their password with a new force password reset feature we are working on.

Can you give a warning a week before the reset? Because I'm still afraid my friend will use their account with the password reset. In that way my friend can contact the admins when emails to your team are stopped being about the breach and he can contact you to get to change their email


He can change his account's email directly from the forums at any time.

But he got the inactive account bug
Call me Phone Ig

Or Silver because of my old discord name. Or Mikan because of my new discord name. Or Julian as that's my actual name
User avatar
Phone0Ix
[Forum Mafia XVII] Winner
[Forum Mafia XVII] Winner
 
Posts: 429
Joined: Sun Jul 24, 2016 11:00 am
Location: The Netherlands

Re: Data Security Update 1/4/2019

Postby Jerme » Thu Jan 10, 2019 3:25 pm

In which regard? The account for the forum or the game?
Does the usage of this link work? http://www.blankmediagames.com/phpbb/uc ... resend_act
Disclaimer: I try to abide by the game's softfilter and use the appropriate replacements, when I am using the forums. Those will be set in brackets. Example: [tarnation]
Visit my role suggestions and give me feedback: http://www.blankmediagames.com/phpbb/viewtopic.php?f=27&t=28949

Visit the Testing Grounds
Occupation: A developers pain and joy (QA-fox), currently "hired" by Ralozey
User avatar
Jerme
Global Moderator
Global Moderator
 
Posts: 28197
Joined: Thu Apr 30, 2015 2:09 pm

Re: Data Security Update 1/4/2019

Postby Flavorable » Thu Jan 10, 2019 5:15 pm

Jerme wrote:In which regard? The account for the forum or the game?
Does the usage of this link work? http://www.blankmediagames.com/phpbb/uc ... resend_act


Use this link: ucp.php?mode=resend_act
No reply to your support ticket after 15 business days? PM me with your ticket number.

You may PM me for clarifications on appeal verdicts, but keep in mind the verdict will not change.

Do you have 151+ games played and want to help rid the community of toxic players and gamethrowers? Join the Trial System today: https://www.blankmediagames.com/Trial/#start

Also, check out the Trial System Discord Server: https://discord.gg/K5SnyJS
User avatar
Flavorable
Global Moderator
Global Moderator
 
Posts: 9279
Joined: Thu Apr 28, 2016 3:24 am
Location: Netherlands

Re: Data Security Update 1/4/2019

Postby PyromonkeyGG » Fri Jan 11, 2019 9:17 pm

We are working with a security firm and increasing our security. We are also creating easier to use pages to change your password (we know only changing it through phpbb isn't ideal) among other things.
User avatar
PyromonkeyGG
Developer
Developer
 
Posts: 2198
Joined: Mon Feb 10, 2014 5:32 pm

Re: Data Security Update 1/4/2019

Postby James2 » Fri Jan 11, 2019 10:00 pm

Hopefully the security firm can help you not use the same password for everything.
James2
Godfather
Godfather
 
Posts: 1555
Joined: Tue Jun 16, 2015 9:53 am

Re: Data Security Update 1/4/2019

Postby Aerle » Sun Jan 13, 2019 8:17 am

My password was changed to an automated one and I would like to change it to a password that I will remember. How do I do this?

Thank you.
Aerle
Newbie
Newbie
 
Posts: 1
Joined: Wed Mar 09, 2016 3:53 pm

Re: Data Security Update 1/4/2019

Postby Flavorable » Sun Jan 13, 2019 11:03 am

Aerle wrote:My password was changed to an automated one and I would like to change it to a password that I will remember. How do I do this?

Thank you.

ucp.php?i=profile&mode=reg_details
No reply to your support ticket after 15 business days? PM me with your ticket number.

You may PM me for clarifications on appeal verdicts, but keep in mind the verdict will not change.

Do you have 151+ games played and want to help rid the community of toxic players and gamethrowers? Join the Trial System today: https://www.blankmediagames.com/Trial/#start

Also, check out the Trial System Discord Server: https://discord.gg/K5SnyJS
User avatar
Flavorable
Global Moderator
Global Moderator
 
Posts: 9279
Joined: Thu Apr 28, 2016 3:24 am
Location: Netherlands

Previous

Return to Announcements

Who is online

Users browsing this forum: No registered users and 10 guests