Dec 13Th Incident - Official Response
#81
Posted 13 December 2012 - 06:12 PM
#82
Posted 13 December 2012 - 06:13 PM
Maybe they were the one that wanted the PGI job all along, not me!
#83
Posted 13 December 2012 - 06:20 PM
#84
Posted 13 December 2012 - 06:20 PM
Bryan Ekman, on 13 December 2012 - 04:14 PM, said:
- At no time were any databases containing personal information compromised. This includes e-mails and passwords.
- PGI and IGP does not store, nor have access to any user credit card information.
- Account passwords are encrypted and stored in databases not affected by today’s incident.
OK, but could there conceivably have been some keylogging or software installed as a result of the vulnerability?
I appreciate that the password server wasn't breached, but is there a potential threat to our login information separate from that?
Do you have any reccomended course of action, IE should we run an malware scan?
#85
Posted 13 December 2012 - 06:22 PM
Edited by Elddric, 13 December 2012 - 06:23 PM.
#87
Posted 13 December 2012 - 06:24 PM
Elddric, on 13 December 2012 - 06:22 PM, said:
^ and THIS!
There is also ways to teach and inform others without having a hissy fit. More people might be prone to listen.
Edited by DerelictTomcat, 13 December 2012 - 06:24 PM.
#89
Posted 13 December 2012 - 06:28 PM
#90
Posted 13 December 2012 - 06:29 PM
"Didn't see the post earlier.. seems that firefox users are having the issue too. The thread for this topic has already been posted HERE...
http://YOU-ARE-ALREADY-AT-THE-THREAD
Sorry for the extra post on the issue.. just found it myself."
........BUT... it was already locked!! d'oh! good job on keeping an eye on the problem guys
#91
Posted 13 December 2012 - 06:33 PM
It isn't their job to teach anyone about keeping their personal computer secure and safe its their job to make this game I enjoy so much.
As an employer anything an employee does on my network ultimately belongs to me. I can see an employer saying access to a gaming forum is off limits just because you should be working.
peace
Edited by DerelictTomcat, 13 December 2012 - 06:36 PM.
#92
Posted 13 December 2012 - 06:35 PM
(don't ban me.. I'm just kidding) XD
#93
Posted 13 December 2012 - 06:35 PM
Edited by Elddric, 13 December 2012 - 06:40 PM.
#94
Posted 13 December 2012 - 06:39 PM
#96
Posted 13 December 2012 - 06:57 PM
Perhaps you can explain why I received two identical spam emails to two addresses used exclusively with MWO if this is true. It was what first made me think there was a hack / exploit problem. I came to the forums and got the "Reported Attack Site" message.
#97
Posted 13 December 2012 - 07:00 PM
#98
Posted 13 December 2012 - 07:11 PM
At 5:40p MST I received the "Windows 8 is Fail" email to both of them. And yet, not to any other email alias on those domains. One of them I have not logged into today either in-game or on the site.
I don't know what's worse, PGI lying about it (although it may just be that they literally are that clueless and have no idea ... ), or the white knighting going on.
Seriously folks ... change your password, at the very least. Though more than likely they're just selling emails to spammers when they found no billing/financial info.
Thankfully I wasn't accessing the site on my Windoze machine, because the malware probably delivered a payload. I would highly suggest scanning your machine if your browser didn't prevent you from getting to the site or you didn't have active anti-virus to stop the download from occurring.
Edited by Lin Shai, 13 December 2012 - 07:22 PM.
#99
Posted 13 December 2012 - 07:23 PM
Why do I say that? I got the famous spam email on an account that hasn't logged on in weeks.
#100
Posted 13 December 2012 - 07:31 PM
Lin Shai, on 13 December 2012 - 07:11 PM, said:
At 5:40p MST I received the "Windows 8 is Fail" email to both of them. And yet, not to any other email alias on those domains. One of them I have not logged into today either in-game or on the site.
I don't know what's worse, PGI lying about it (although it may just be that they literally are that clueless and have no idea ... ), or the white knighting going on.
Seriously folks ... change your password, at the very least. Though more than likely they're just selling emails to spammers when they found no billing/financial info.
Thankfully I wasn't accessing the site on my Windoze machine, because the malware probably delivered a payload. I would highly suggest scanning your machine if your browser didn't prevent you from getting to the site or you didn't have active anti-virus to stop the download from occurring.
I have not received the email. If the forum was compromised first I should have received it. Since I did not receive it and we know the forum was compromised afterwards I'm going to go with an external source of emails was found or whoever it was that did this simply pieced together functioning email addresses through deciphering what people post on the forums. Once someone was dumb enough to click the link and forfeit their login information it's child's play to then behave as a user and inject illicit code. From there perhaps additional emails were scraped through cookies and other sources.
The major issues are that they need to close whatever injection vulnerability existed and get blacklists to remove them. As the forum software itself is licensed it's probably not even PGI's fault that the vulnerability existed to begin with - whoever developed it did a poor job of accounting for all injection points. Removing mwomercs.com from the blacklists will imply take time and I'm sure they've already gotten started on it.
I understand Lin Shai that you really don't like PGI and IGP for some reason. I think it borders on irrational at points but you're welcome to your opinion. Please however refrain from discussing security matters that you do not understand. It makes you disingenuous at best gives people the wrong impression.
xenoglyph, on 13 December 2012 - 07:23 PM, said:
Why do I say that? I got the famous spam email on an account that hasn't logged on in weeks.
Emails are easy to guess since most users tend to use similar names across the board. Further many people use the same email through multiple gaming networks. As an example WoW accounts most of the time are almost never compromised through battle.net but rather through malicious ads placed on popular community sites such as mmodb.com and wowinterface.com.
Also it would be pretty clear if someone got into the DB as the logs would immediately reflect this. If someone had gotten access to the DB directly you can rest assured that any self respecting admin would force a universal password reset.
Edited by TruePoindexter, 13 December 2012 - 07:33 PM.
11 user(s) are reading this topic
0 members, 11 guests, 0 anonymous users