The VG Resource

Full Version: Database Compromise and Why You Might Not be Able to Log In
As some of you have probably noticed by now, everyone was logged out of the forum (and, by association, the sites) last night. This was a quick first measure in response to a database compromise we experienced the other day that I was just made aware of. Apparently, on the 14th, one of the MyBB developers' GitHub accounts was compromised and the attacker was able to run database backups on every single MyBB forum running the most recent version of the software (we were not specifically targeted here). These backups were then sent off to their IP. I have no way of knowing if the process actually completed, nor do I know the motivation of the attack, so I can only proceed by assuming it was malicious and that the attackers have a copy of our user table.

What does this mean going forward? I am requiring ALL staff (both forum and site) to change their passwords immediately. I encourage everyone else to do the same, especially if you use your password here elsewhere as well. Passwords are stored in an encrypted state so it would take some work on the attacker's end to actually get something meaningful out of the data they have but it's still better to be safe than sorry.

For more information about the attack, see this blog post on the MyBB site.

Sorry for the late notice on this but I only just found out last night and couldn't actually sit down to write this up until this morning. If you have any questions or concerns, post them here.
If anyone is having trouble logging in to change anything, just delete every cookie for the resource sites (vg, spriters, models, etc.). It was the only way I could get in.
Oops, sorry! I forgot to mention that in the original post. Thanks Deathbringer.
Just changed my password. I wasn't compromised, but better to be safe than sorry.
Question, is the thing that was hacked the forum or the main site accounts?
They are one and the same. Nothing was hacked in the sense that they have plain text passwords though. They got a dump of the users table which contains all of our user info but the passwords are encrypted (not to mention that this was a mass attack so they likely have thousands of database exports) so it's unlikely they've been able to actually access any accounts. It's still better to err on the side of caution though, which is why I recommend resetting your password.
Is VGFacts in the same boat?
No. VGFacts was not affected by this exploit. This was purely by chance since none of us happened to log into the Admin CP while it was active.
I should've thought twice before deleting all of my cookies... I just lost ALL of my game files on Nitrome!!! Very Sad

But...what's done is done. Next time, would it be possible to get the logins working in a way that doesn't require one to delete all of their cookies?
You have the option to delete cookies from specific domains, though doing so varies by browser. I realize this information does you little good now, and I'm sorry you lost your game files, but in the future, only delete the cookies from *-resource.com should the need arise.
Changed my password, tally-ho.