[NOTICE] Staff Information Data Leak

Discussion in 'Empire Help & Support' started by Krysyy, Sep 14, 2016.

Thread Status:
Not open for further replies.
  1. Yes, it would be giving them credit by name, which I refuse to do. They want to be recognized for the infamy.
  2. But I am happy that the situation was handled
  3. Just wanted that clarification. Those who had information compromised were informed in a timely manner. Thank you, and great job in handling this.

    EDIT: Worded better, unfair wording in it.
  4. ehhh... *changes password that was literally "tuq"* lol... ehh good luck staff with the info in the breach, hope everything turns out fine
    TechNinja_42 likes this.
  5. My company just fired someone and her password was 'password'. Can't get worse than that...
  6. Krysyy you should try Keepass. It can generate completely random passwords (very secure passwords). Then it stores them in an encrypted file. You can make the encryption however impossible you want to crack. All you need is one master password to open the file (which I would make very complex) .
  7. I have that. I wasn't the account that was breached.
    MissFable and Sgt_Pepper4 like this.
  8. For other staff as well? Yay I found another user! Lol
  9. Oh trust me, Aikar became spokesperson for Keepass and Lastpass during our staff conversations after this. Every staff is well aware of its existence.

    ehh i have a q about this... i know only one person that has been IP banned, and i think it was X(censored for reasons)... now with this leak, the info stealer knows where X lives cause he knows his IP?
  10. It is always easier to break a system than it is to keep it safe, with the reason being that one side has to create a whole new system/method, and the other takes a preexisting system/method and just has to attack weak points.

    A relatively easy and temporary method to keep things safe until true two factor authentication is added would be to have a second password required that resets every 12 hours. This would be randomly generated and global for all the staff team (hence not true two factor), and would be dispersed through something other than email (ie Dropbox) since email is the most targeted method of communication.
    607 and MrsWishes like this.
  11. Well this very unfortunate. I do hope the staff member who's account was hacked didn't get reamed out to much by Aikar. I do fill bad and hope that the staff member isn't beating themselves up to much about this. It could've happened to anyone.
  12. This is the reason for this announcement. You cannot track an IP back to the exact address, but it gives general information based on the provider you use and the city that it's routing from if you use an IP tracer. For example, my IP gives Austin area as it's response (which is a moot point because I list that as my city on the forums anyway). We are notifying every person who had this data accessed from our systems so that they are aware that the general location of their network provider was compromised.

    As a side note, IP addresses can be traced pretty easily, given the right tools, and without hacking into any servers. It's a matter of simply being connected to the wrong site when someone tries to access it. Some sites are safer than others. It is ALWAYS important to practice safe internet practices at all times so that a person could not use your IP and clues to narrow their search in any manner.
  13. What you suggest is a 2 factor authorization, just a different form from what is planned. It's going to take a bit until Aikar can get this built into the forums.
    Perry_Stahlsis likes this.
  14. Thank you for being awesome and making the community safer !!






  15. Edit: I actually read something through, but it doesn't help me get over that this didn't happen for RainbowChin's case. The system, now implemented should of happened ages ago.
    SkeleTin007 likes this.
  16. Changing passwords is the security measure. We have the plan to put in 2-factor authorization, but that code does not exist to simply plop into our forums without breaking something as of right now. Your password was hacked because of your poor password practices which is simply human error. This entire problem staff-side was caused by the same issue. Making it necessary to change your password every 3 months is excessive and we have enough issues with people forgetting their passwords as is. We are responding to this issue, but no system is perfect. We need to determine the best balance for our server and go from there.
    Perry_Stahlsis and 607 like this.
  17. Wow. No one deserves to get their accounts hacked. This could have happened to anyone. I agree that the offender should never be allowed back onto EMC.

    I show sympathy for Krysyy and whoever this happened to. :(
  18. Yikes I hope the moderator's can recover quickly after this incident. If something like this happened to me, I would be freaking out. D: Its horrible to see emc hacked. :(
    ANubIsWe3 likes this.
  19. I use LastPass with 2-factor authentication but I find it worrisome that a game account needs to be protected like this. The fact that someone felt it necessary, for whatever reason, to try and attack a game is just sad and pathetic. Whoever this was I hope they find a way to find some happiness in life and realize that causing others pain won't help themselves.
    Perry_Stahlsis, khixan, tuq1 and 2 others like this.
Thread Status:
Not open for further replies.