Notice about Dec 1st, 2015 - Partial email address leak

Discussion in 'Empire News' started by Aikar, Apr 22, 2018.

  1. Today, we at Empire Minecraft were made aware of a link being sent containing a list of some (not all) EMC players’ email addresses. First off, rest assured that no password data was leaked in any manner from Empire Minecraft’s server, not even password hashes. After reviewing the document, the source of this information comes from the Dec 1st, 2015 incident where a Senior Staff member’s account was compromised.

    The notice to the community regarding this incident was made at the same time and is linked below:
    https://empireminecraft.com/threads/site-problems-12-01-2015.59708/

    Unfortunately, at the time and due to the significance and focus put towards the restoration of the forums and deleted accounts, our investigation into the incident did not raise any red flags that the person responsible would have saved any email addresses. We apologize for overlooking this crucial matter at the time and only hope to have caught it sooner. However, as we cannot change the past, we can only do what’s best in the present day, and that is updating our community on the information that we now have. Thankfully, we still have the logs to indicate what was accessed, and after a detailed and more thorough investigation, we have the ability to alert and notify those affected, as well as all of our Empire Minecraft members.

    A total of 7718 email addresses are in the document and mapped to the corresponding username at the time. These were accessed from the Xenforo admin panel. Neither our database nor the physical servers were compromised in any way during the incident. We will be sending emails to the addresses in this collection to inform them of this leak directly, in the case that they do not see this notice.

    While the forum admin panel that was accessed does not contain the passwords, even in hashed form, it is important to note that the person responsible for this incident was able to access a limited number of these player accounts. This was due to a password dump from various other websites and the use of shared passwords for these Minecraft accounts. Once again, we urge all players to use unique and complex passwords when utilizing internet resources. This includes EMC, as well as anywhere else that requires a password.

    Since the incident in December 2015, EMC has implemented an available 2-factor authentication for the forums (see guide here). Our staff are required to use this feature, and we highly encourage all players to make use of it. We take your privacy very seriously. The only private information we collect is your email address, and for older members, we used to collect your birthdate. The incident logs show that the birthdays were never accessed. However, as this is no longer a needed feature, we have gone ahead and removed the birthday data from our database for all players. Furthermore, we are researching into the possibility of removing email addresses from the forum joining requirements as well.

    Note that EMC does not currently require a valid email address, but it is needed to reset your forums password, should you ever forget it. If you do not wish to receive notifications from EMC and are okay with the risk of being unable to reset your password yourself should you forget it, we recommend changing your email to yourusername@users.emc.gs

    We advise using this format because it will alert our system that it is not a valid email, and so it won’t attempt sending messages to a random bogus email.

    If you have any questions regarding this message, please feel free to send a private message to myself, or you can email me at daniel@starlis.com. While this pertains to an incident from years ago, it’s important to me that all questions regarding this matter are answered fully and that no player ever feels uneasy about their security on this server now or in the future.

    ---
    4/22/18 8:35PM Update: We have added a quick tool to check if you were impacted or not here: https://empireminecraft.com/checkemail.php
    Simply enter your email and it will let you know if you were in the list.
  2. Thanks for letting us know
    We3_MPO likes this.
  3. I will keep my eyes open and keep myself safe from these issues so it doesn't happen to me
    We3_MPO likes this.
  4. I feel bad for the unfortunate soul that took time out of their life in an attempt to try and cause trouble... It's almost as if they had nothing better to do...
    AKing707 and We3_MPO like this.
  5. How troublesome
    We3_MPO likes this.
  6. Thanks for letting us know. Have PMs been sent to those affected, and if not, was I affected?
  7. Emails were sent to the emails that were affected.
    "We will be sending emails to the addresses in this collection to inform them of this leak directly, in the case that they do not see this notice."
    Wanderton and We3_MPO like this.
  8. Of course this is concerning news (I still remember that incident by the way) but posts like yours are why I'm not too much bothered by this. For the simple fact that if "$stuff happens" then you guys don't try to cover up the nastiness but simply come clean with the community and share the facts as they are.

    Looking back in hindsight is always easy, I'm happy to learn that you guys picked up on this and sorted it out!
    607, We3_MPO and FadedMartian like this.
  9. Good thing I hadn't been registered on the forums at that time. Although, I share my email address on my profile page. Should probably change that.
  10. I know people make mistakes.. and I very vividly remember this happening... but I find it crazy but understandable that no one knew of this list until now. I think I remember you guys stating you have a suspicion on the person's identity... any chance on prosecution of any such? Or might it be too late now?
    ItsMeWolffpack and We3_MPO like this.
  11. Thanks for letting us know, I really appreciate the transparency.
    We3_MPO likes this.
  12. Suspicion is not completely foolproof. As the time has passed, there has been no indication of continued problems with the suspected individual. Therefore, we don't want to waste time giving them any more of our attention.
    607, FadedMartian and We3_MPO like this.
  13. Thank you for the update.
    We3_MPO likes this.
  14. 607, We3_MPO and q1zx like this.
  15. That was a different incident you are referencing (and was not a Sr. Staff so no access to forum admin panel, and no PII is visible in Square), but no, we did not have evidence nor identification in that incident.

    No one discovered the list or reported it to us until now.

    Note the emails have not been sent yet. Considering we do not perform email marketing, we don't have a method set up even to send a mass email yet.

    I'm going to write up some code to perform the email over the next few days.

    In the meantime, I wrote a quick tool to do the check yourself. Just put in your email and it will let you know if it was and what your username was at the time (if you don't remember your old name...)

    https://empireminecraft.com/checkemail.php
    Sazukemono, 607, Harp4Christ and 5 others like this.
  16. Worked. Thanks!
    We3_MPO likes this.
  17. Great.



    Oh well. :p
    ILTG, 607 and We3_MPO like this.
  18. We3_MPO likes this.
  19. So, uhm...my email + user was leaked...

    So uhm, what does it mean? Well I know the literal meaning, but I do not know what to do?

    I mean, I've lived with it for these 3 years... in the meantime I created a specific gaming email, but yeah that does not help much now

    What can I do to avoid getting bad things other than not opening spam/junk email?
    ILTG and We3_MPO like this.