Page 1 of 3 123 LastLast
Results 1 to 10 of 26
Like Tree23Likes

Thread: Database Breach

  1. #1
    AVF Newbie | Be nice to me
    Join Date
    Dec 2016
    Location
    Vic
    Posts
    92

    Database Breach

    Hi guy's,

    Just thought I'd drop a quick note to inform everyone that sometime in January 2017 the AussieVapers database was breached, as a result our email addresses, hashed passwords etc have been leaked.

    I was notified today by a service called 'haveibeenpwned', which is run by well known internet security researcher Troy Hunt.

    This wasn't just AussieVapers that was hit, there were many sites. You can see a list of the breached forums and get more info at Troys blog here https://www.troyhunt.com/i-just-adde...-i-been-pwned/

    I'm not sure about you guys, but I'm a member of more than one of these forums.

    Please everyone, change your passwords, enable two factor authentication, lock down all you can. My primary email address was leaked, had I been using the same password everywhere it would have been incredibly easy to get into my net banking

    I also highly recommend signing up for haveibeenpwned, it's free and if an email of yours is found in a leak/hack like this you get an email notification.

    Stay safe everyone
    CMB, MrGruffy and Cat like this.

  2. #2
    AVF Regular
    Join Date
    Nov 2016
    Location
    sunshine coast qld
    Posts
    1,416
    well the breach hasnt been leaked yet since ive typed my email and username in and only the email flagged but knew about those

    the forum side aint part just the main site
    If you know it. Help someone
    If you dont know it. Ask


    On land line is a inanimate object under water it has a life of its own.

  3. #3
    AVF Newbie | Be nice to me
    Join Date
    Dec 2016
    Location
    Vic
    Posts
    92
    Quote Originally Posted by saph View Post
    well the breach hasnt been leaked yet since ive typed my email and username in and only the email flagged but knew about those

    the forum side aint part just the main site
    It's definitely been leaked, that's how the database has ended up in this list.
    About 140 VBulletin (the forum we use here) databases were included with over 940,000 unique email address'.
    The email was the only thing to flag because that's what haveibeenpwned stores, an email is much more identifying than a username.

  4. #4
    AVF Regular
    Join Date
    Nov 2016
    Location
    sunshine coast qld
    Posts
    1,416
    Quote Originally Posted by Saucy View Post
    It's definitely been leaked, that's how the database has ended up in this list.
    About 140 VBulletin (the forum we use here) databases were included with over 940,000 unique email address'.
    The email was the only thing to flag because that's what haveibeenpwned stores, an email is much more identifying than a username.

    7: Reading file "aussievapers.com-vb-2017.txt" at 2,813kb
    Found 28,907 distinct emails

    thats not forums.aussievapers
    If you know it. Help someone
    If you dont know it. Ask


    On land line is a inanimate object under water it has a life of its own.

  5. #5
    Super Moderator
    Join Date
    Aug 2012
    Location
    Central Vic,up near the Murray
    Posts
    18,877
    Interesting .. however going by that site my user name has been hacked at 5 different forums I am not a member of and my sign up email was hacked only @ Adobe in 2013 along with 143 million other email addies ... the site DOES NOT show me as having my info harvested from AVF whatsoever ?

    It might just be the cynic in me , but I wonder how many of these actual sites are set up just so you provide your email to them lol

    Of course only Jato would know if we had ever been compromised in that way , but as a result of recent attempts which crashed the forum etc , they didnt get thru the security past the main page instead as you saw their repeated attempts just filled the log file until there was no space left to actually host the site hence the DB error message popping up
    1ynne and Cat like this.
    EPM V2-18490 (X2 ),GP Spheroid V2.5 and GP Piccolo V2.5 ,BBCB, Provari mini's, REO mini V2.1, 18490 REO , Jazz Carto Pipes ( fitted with GA tank and churchwarden stem Totally Evil!!! ), Meerschaum pipe ,e-holly35W,Phideas, AIOS,Taifun atties, PC Pipe mods.PC Squonker, Svapiamo squonker, GP Paps Heron combo.

    Vaping since 2007 totally smoke free since 2011


    AVF Rules , Read and understand them

  6. #6
    AVF Regular
    Join Date
    Aug 2014
    Location
    Sydney (or lurking in the shadows behind you)
    Posts
    2,208
    Simple rule:
    Emails are little more than electric post cards !
    Don't put anything in an email, you wouldn't put on a post card !!!
    gtadmin, Cat and e_tech like this.
    .

    I Do Whatever I Want,
    Whenever I Want,
    And If It Doesn't Suit You,
    Go Start Your Own Empire
    .
    Anything I write on AVF is purely my opinion and should never be read as fact!
    (or I could just be wrong)
    Please read the AVF rules: http://forums.aussievapers.com/forum...ions-bans.html
    (or wait for Johnny Depp to do the movie)

  7. #7
    Super Moderator
    Join Date
    Aug 2012
    Location
    Central Vic,up near the Murray
    Posts
    18,877
    I have put some really weird Shyte in postcards over the years
    EPM V2-18490 (X2 ),GP Spheroid V2.5 and GP Piccolo V2.5 ,BBCB, Provari mini's, REO mini V2.1, 18490 REO , Jazz Carto Pipes ( fitted with GA tank and churchwarden stem Totally Evil!!! ), Meerschaum pipe ,e-holly35W,Phideas, AIOS,Taifun atties, PC Pipe mods.PC Squonker, Svapiamo squonker, GP Paps Heron combo.

    Vaping since 2007 totally smoke free since 2011


    AVF Rules , Read and understand them

  8. #8
    AVF Regular
    Join Date
    Dec 2013
    Location
    Marrickville NSW
    Posts
    2,761
    I don't recall ever visiting the five sites it says I my email address has been leaked.
    What can I do about?

  9. #9
    AVF Newbie | Be nice to me
    Join Date
    Feb 2016
    Location
    Brisbane, QLD
    Posts
    2
    Quote Originally Posted by Fatman View Post
    Interesting .. however going by that site my user name has been hacked at 5 different forums I am not a member of and my sign up email was hacked only @ Adobe in 2013 along with 143 million other email addies ... the site DOES NOT show me as having my info harvested from AVF whatsoever ?

    It might just be the cynic in me , but I wonder how many of these actual sites are set up just so you provide your email to them lol

    Of course only Jato would know if we had ever been compromised in that way , but as a result of recent attempts which crashed the forum etc , they didnt get thru the security past the main page instead as you saw their repeated attempts just filled the log file until there was no space left to actually host the site hence the DB error message popping up
    Hey Fatman, for further context if you read Troy's detailed explanation on this breach here, he explains that it was difficult to have individual sites returned against email searches on HIBP.com. In the first link he has expanded out the data dump to include individual forums; painful to search through - yes, but better than no info.

    It is a reputable site & useful to know if and when your email is flagged in any breach they pick up - I have not been very active posting at AVF but I read a lot & came here to post something about this as I got notified by having my email registered in the HIBP.com database. Probably a good time to remind people too that it isn't a bad idea to have a "disposable email" to sign up for lesser used websites, or set up an alias for your main email (the main email providers all have this functionality - here's a link to Google results for how-to's).
    Fatman and Cat like this.

  10. #10
    Super Moderator
    Join Date
    Jan 2012
    Location
    Ghost Town (Whyalla), SA
    Posts
    14,233
    Interestingly, my email address used for aussievapers returns "Good news {some other text that I can't remember}"
    Started vaping 28th October 2011

    The bitterness of poor quality remains long after the sweetness of low price is forgotten. - Benjamin Franklin
    Just because you are offended doesn't mean you are right ...




    Please read these rules

    Read about signatures too

 

 
Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Powered by vBulletin® Version 4.2.4
Copyright © 2017 vBulletin Solutions, Inc. All rights reserved.
Search Engine Friendly URLs by vBSEO 3.6.0
All times are GMT +11. The time now is 08:07 PM.