*** SECURITY BREACH ***

Featured Replies

Hard to understand some of the angst here. The bottom line is that much bigger organisations have been hacked with more serious consequences and I doubt they would have had such a swift and effective response. Think NAB with personal financial info hacked for 130,000 customers. Think Ancestry, think LinkedIn, think ANU, think Nova radio where birthdates as well as contact details were hacked. 

I say, well done, @Marc and let me or anyone else know if you need some assistance - or sleep.


Most Popular Posts

  • We believe at this stage that a vulnerability was exploited to give a Full Member account Administration access. They then used that account to remove all other Admin and Moderator accounts - essentia

10 hours ago, Marc said:

I checked your email against the https://haveibeenpwned.com/ website for you. Your email (and potentially other information), has been exposed in 9 major data breaches. Might want to check that and clean up your accounts where possible.

Thanks for the link. I discovered I've been terribly pwned :( only one of my email addresses has no pwnage lol.


Top job @Marc in tracking this down and stopping it so quickly. As you know, we're here to help any way we can. :)

I would like to add my small voice of thanks to @Marc for his rapid, decisive and comprehensive actions, on a weekend no less, to keep us all safe.

There must be some pretty scabby "people" in the world to carry out such an attack.

Also, to those who put grumpy faces in their posts on this subject, you oughta all piss off.

Edited by The Rock Puppy

I know I post good deals sometimes on the classifieds, but never deals that are THAT good. 

 

And besides, paying in crypto is sooooo 2014.

 

40 minutes ago, pete_mac said:

Interesting... I always pictured @Marc as being an 'over-ear' headphones kind of guy...

Marc? Headphones?

PLEASE.

Upon reflection, I've perhaps revealed too much info in this thread in my bid to be totally transparent about what happened and processes we had in place. The hacker had a thorough understanding of how things work already. I don't want to plant seeds for future hacks. On the advice from a couple of members, I've hidden many of the posts now. 

 

I will close this topic as I believe this has now been resolved. Anyone with genuine concerns about security can contact us directly for private conversation with verified members.

 

One final note: I would just like to mention my appreciation to the members for their patience and understanding throughout this incident. Your trust is my biggest priority, and we wouldn't want to lose that under any circumstances. Thanks again.

OK, I think the dust is settling now. 

 

In the early hours of Sunday morning there was a security breach of our servers/software. We acted swiftly to stop that, took the server offline and promptly restored backups while a forensic investigation of the affected server took place. As mentioned elsewhere, no user data was accessed or downloaded. That issue is now put to rest, and being mindful of revealing much more to potential future hackers, nothing more needs to be said on that particular matter, or at least not discussed in this thread. If anyone has any further concerns, I am happy to take that up with them in private via PM or email.

 

Sunday morning, once things were back in control, I initiated a site-wide forced password reset for all users. At the time this made perfect sense, but two things were realised. The first was that when you email 160,000+ users in one go, that load on the server is hard to manage. Secondly, those that did get through and requested the password reset emails caused a massive mail server queue. In some cases, some of those emails are only just getting through now. It left a lot of users locked out, unfortunately. Also learned was that the email that was sent out requesting everyone to reset their password was too vague, and would have been considered suspicious by most recipients, particularly those that may not have even visited StereoNET in years. We'll do better here, and communicate better should the need arise again.

 

To combat the above mail server issues, we have now outsourced the handling of SN Forum mail to a specialised provider. This will mean faster and more reliable mail delivery, and also less chance of being blacklisted by ISPs for spam. Another long-term investment.

 

Further to the above, I have also removed nearly 80,000 accounts from our system that had 0 posts, and where the user had not visited StereoNET since 2018. In my view, this was enough to consider them inactive. This will take the load off our database, and likely reduce the amount of email our system sends for notifications, or for a site-wide email like the one mentioned previously.

 

Monday we implemented many high-level security upgrades that, for a site such as this, many would consider over the top.

 

Tuesday morning it was decided to go a few levels further, which for me was a long-term investment, and so we implemented a brand new "clean" server, and migrated the sites and databases over this afternoon. Unfortunately, that meant a 4-5 hour outage while waiting for the DNS to propagate (update). 

 

Additional security was also then implemented, that complies with Australian Government guidelines for its own internet-connected machines. Our system now is ridiculously well protected, but as we know, not even banks or major infrastructure are perfect. We have done the best that is available to us, and that should give us a much better fighting chance against the amateurs at least. As for professionals, you would think they have better targets to chase.

 

So ultimately, I think we're past it all now and are not expecting any further downtime. There are still some members having account login issues, and over the past 3 days I have been working through those emails, posts, or PMs and helping them sort that out.

 

Thanks for sticking with us all, and most importantly, thanks for your support,  patience and your trust in us.

Thank you Marc, for making this such a great community.

A lot of us enjoy what’s shared here. 

Thank you 🙏

Thanks Marc for the update and all your hard work. I think I was fortunate in receiving the email early on and was able to reset my password without issue.

 

Marc - nicely done on all fronts. Bad actor activity has picked up considerably at all levels over the past two years. Your response is up there as best in class for an organisation of SNA's size.

 

Obligatory xkcd for those who haven't encountered passphrases:

[xkcd comic: Password Strength (password_strength.png)]

 

 

Thanks @Marc, for all the work!

 

11 hours ago, ThirdDrawerDown said:

Marc - nicely done on all fronts. Bad actor activity has picked up considerably at all levels over the past two years. Your response is up there as best in class for an organisation of SNA's size.

Obligatory xkcd for those who haven't encountered passphrases:

[xkcd comic: Password Strength (password_strength.png)]


One thing I always wondered about is, if the password entry system only allows 5 entries before it's locked, how does 28 bits of entropy mean it's a bad security measure?

 

Obviously, if there's no limits on the amount of times a password can be attempted...but I don't think I know any of those websites.
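The question in the post above comes down to the difference between online guessing, which a five-attempt lockout throttles, and offline cracking of a password hash that has already leaked in a breach (the kind of breach the haveibeenpwned check earlier in this thread reports), which no lockout can touch. The following Python is an added example, not code from anyone on this thread or from StereoNET: the 2048-word list, the 15-minute lockout window, the offline hash rates, and the tiny sample word list with its "leaked" unsalted hash are all constructed assumptions chosen to make the arithmetic concrete.

```python
import hashlib
import math
from itertools import product

# All figures below are assumptions for illustration, not data from the thread:
# word-list size, lockout policy and offline hash rates vary by site and hardware.
WORDLIST_SIZE = 2048                 # 2^11 words, the usual xkcd-style estimate
ONLINE_ATTEMPTS_PER_LOCKOUT = 5      # "5 entries before it's locked"
ONLINE_LOCKOUT_SECONDS = 15 * 60     # assumed 15-minute lockout window
OFFLINE_RATES = {                    # assumed guesses per second on one GPU rig
    "unsalted MD5": 1e11,
    "bcrypt (cost 12)": 1e4,
}
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def passphrase_bits(word_count, wordlist_size=WORDLIST_SIZE):
    """Entropy in bits of word_count words drawn uniformly from the word list."""
    return word_count * math.log2(wordlist_size)


def expected_guesses(bits):
    """On average the attacker succeeds after searching half the keyspace."""
    return 2 ** (bits - 1)


def online_seconds(bits, attempts=ONLINE_ATTEMPTS_PER_LOCKOUT,
                   lockout=ONLINE_LOCKOUT_SECONDS):
    """Time for an online guessing attack throttled by the lockout policy."""
    sustained_rate = attempts / lockout      # guesses per second across lockouts
    return expected_guesses(bits) / sustained_rate


def offline_seconds(bits, guesses_per_second):
    """Time to crack a leaked hash: no lockout applies, only the hash cost."""
    return expected_guesses(bits) / guesses_per_second


def compare(bits):
    """Online vs offline expected crack time, in years, for a given entropy."""
    result = {"online (5 per lockout)": online_seconds(bits) / SECONDS_PER_YEAR}
    for name, rate in OFFLINE_RATES.items():
        result[f"offline {name}"] = offline_seconds(bits, rate) / SECONDS_PER_YEAR
    return result


def crack_unsalted_hash(target_hex, wordlist, word_count):
    """Offline dictionary attack on an unsalted SHA-256 passphrase hash.
    Nothing throttles this loop; the site's lockout counter never sees it."""
    for combo in product(wordlist, repeat=word_count):
        candidate = " ".join(combo)
        if hashlib.sha256(candidate.encode()).hexdigest() == target_hex:
            return candidate
    return None


# Constructed sample: a tiny word list and a "leaked" unsalted hash of a
# 3-word passphrase drawn from it (9 bits of entropy, 512 candidates).
SAMPLE_WORDLIST = ["correct", "horse", "battery", "staple",
                   "apple", "river", "cloud", "stone"]
LEAKED_HASH = hashlib.sha256(b"battery river staple").hexdigest()

if __name__ == "__main__":
    for label, bits in (("Tr0ub4dor&3-style", 28),
                        ("4-word passphrase", passphrase_bits(4))):
        print(f"{label} ({bits:.0f} bits):")
        for scenario, years in compare(bits).items():
            print(f"  {scenario:28s} {years:12.4g} years")
    print("recovered:", crack_unsalted_hash(LEAKED_HASH, SAMPLE_WORDLIST, 3))
```

Under these assumptions a 28-bit password takes centuries to guess online through the lockout, but a leaked unsalted MD5 of it falls in a fraction of a second and a bcrypt hash in a few hours; the 44-bit passphrase pushes the bcrypt case out to decades. The lockout is still worth having, but the entropy figure is what protects you once the hash database is in someone else's hands.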

@Marc

I am donating a certain amount of $ to assist you in this process.

I am also using this post to ask other members to voluntarily chip in some $ to assist with the expense.

Thanks a lot for the forum.

Thanks for all the hard work

8 hours ago, Jventer said:

@Marc

I am donating a certain amount of $ to assist you in this process.

I am also using this post to ask other members to voluntarily chip in some $ to assist with the expense.

Thanks a lot for the forum.

 

Already done.

 

I did the donation almost as soon as I read how much effort had gone into making the site viable again.

 

It is times like this where we should realise that this site doesn't run by sprinkling magic dust.

Edited by rantan

This topic is now closed to further replies.
