[NOTICE] Staff Information Data Leak

Discussion in 'Empire Help & Support' started by Krysyy, Sep 14, 2016.

Thread Status:
Not open for further replies.
Page 2 of 9
  1. Yes, it would be giving them credit by name, which I refuse to do. They want to be recognized for the infamy.
    Krysyy, Sep 14, 2016
    #21
    ANubIsWe3, Perry_Stahlsis, commander_JS and 10 others like this.
  2. But I am happy that the situation was handled
    SkeleTin007, Sep 14, 2016
    #22
    We3_MPO, Perry_Stahlsis, CrystallineRaven and 1 other person like this.
  3. Just wanted that clarification. Those who had information compromised were informed in a timely manner. Thank you, and great job in handling this.

    EDIT: Worded better, unfair wording in it.
    Dr_Chocolate, Sep 14, 2016
    #23
  4. ehhh... *changes password that was literally "tuq"* lol... ehh good luck staff with the info in the breach, hope everything turns out fine
    Tuqueque, Sep 14, 2016
    #24
    TechNinja_42 likes this.
  5. My company just fired someone and her password was 'password'. Can't get worse than that...
    Krysyy, Sep 14, 2016
    #25
    Perry_Stahlsis, cowland123, khixan and 11 others like this.
  6. Krysyy you should try Keepass. It can generate completely random passwords (very secure passwords). Then it stores them in an encrypted file. You can make the encryption however impossible you want to crack. All you need is one master password to open the file (which I would make very complex) .
    Sgt_Pepper4, Sep 14, 2016
    #26
    FirstJugBurgerz, Kytula and Jimbonothing64 like this.
  7. I have that. I wasn't the account that was breached.
    Krysyy, Sep 14, 2016
    #27
    MissFable and Sgt_Pepper4 like this.
  8. For other staff as well? Yay I found another user! Lol
    Sgt_Pepper4, Sep 14, 2016
    #28
  9. Oh trust me, Aikar became spokesperson for Keepass and Lastpass during our staff conversations after this. Every staff is well aware of its existence.
    Krysyy, Sep 14, 2016
    #29
    Perry_Stahlsis, Wanderton, MissFable and 6 others like this.

    ehh i have a q about this... i know only one person that has been IP banned, and i think it was X(censored for reasons)... now with this leak, the info stealer knows where X lives cause he knows his IP?
    Tuqueque, Sep 14, 2016
    #30
  11. It is always easier to break a system than it is to keep it safe, with the reason being that one side has to create a whole new system/method, and the other takes a preexisting system/method and just has to attack weak points.

    A relatively easy and temporary method to keep things safe until true two factor authentication is added would be to have a second password required that resets every 12 hours. This would be randomly generated and global for all the staff team (hence not true two factor), and would be dispersed through something other than email (ie Dropbox) since email is the most targeted method of communication.
    jkjkjk182, Sep 14, 2016
    #31
    607 and MrsWishes like this.
  12. Well this very unfortunate. I do hope the staff member who's account was hacked didn't get reamed out to much by Aikar. I do fill bad and hope that the staff member isn't beating themselves up to much about this. It could've happened to anyone.
    AncientTower, Sep 14, 2016
    #32
    Patr1cV, Nickblockmaster and ANubIsWe3 like this.
  13. This is the reason for this announcement. You cannot track an IP back to the exact address, but it gives general information based on the provider you use and the city that it's routing from if you use an IP tracer. For example, my IP gives Austin area as it's response (which is a moot point because I list that as my city on the forums anyway). We are notifying every person who had this data accessed from our systems so that they are aware that the general location of their network provider was compromised.

    As a side note, IP addresses can be traced pretty easily, given the right tools, and without hacking into any servers. It's a matter of simply being connected to the wrong site when someone tries to access it. Some sites are safer than others. It is ALWAYS important to practice safe internet practices at all times so that a person could not use your IP and clues to narrow their search in any manner.
    Krysyy, Sep 14, 2016
    #33
    ShelLuser, Silken_thread, AnonReturns and 1 other person like this.
  14. What you suggest is a 2 factor authorization, just a different form from what is planned. It's going to take a bit until Aikar can get this built into the forums.
    Krysyy, Sep 14, 2016
    #34
    Perry_Stahlsis likes this.
  15. Thank you for being awesome and making the community safer !!
    DarkModFallen, Sep 14, 2016
    #35
    Perry_Stahlsis, Faithcaster, ShelLuser and 7 others like this.






  16. Edit: I actually read something through, but it doesn't help me get over that this didn't happen for RainbowChin's case. The system, now implemented should of happened ages ago.
    CaptainFoxy_, Sep 14, 2016
    #36
    SkeleTin007 likes this.
  17. Changing passwords is the security measure. We have the plan to put in 2-factor authorization, but that code does not exist to simply plop into our forums without breaking something as of right now. Your password was hacked because of your poor password practices which is simply human error. This entire problem staff-side was caused by the same issue. Making it necessary to change your password every 3 months is excessive and we have enough issues with people forgetting their passwords as is. We are responding to this issue, but no system is perfect. We need to determine the best balance for our server and go from there.
    Krysyy, Sep 14, 2016
    #37
    Perry_Stahlsis and 607 like this.
  18. Wow. No one deserves to get their accounts hacked. This could have happened to anyone. I agree that the offender should never be allowed back onto EMC.

    I show sympathy for Krysyy and whoever this happened to. :(
    We3_MPO, Sep 14, 2016
    #38
    Perry_Stahlsis, AncientTower, TBird1128 and 1 other person like this.
  19. Yikes I hope the moderator's can recover quickly after this incident. If something like this happened to me, I would be freaking out. D: Its horrible to see emc hacked. :(
    EnderMagic1, Sep 14, 2016
    #39
    ANubIsWe3 likes this.
  20. I use LastPass with 2-factor authentication but I find it worrisome that a game account needs to be protected like this. The fact that someone felt it necessary, for whatever reason, to try and attack a game is just sad and pathetic. Whoever this was I hope they find a way to find some happiness in life and realize that causing others pain won't help themselves.
    WayneKramer, Sep 14, 2016
    #40
    Perry_Stahlsis, khixan, tuq1 and 2 others like this.
Page 2 of 9
Thread Status:
Not open for further replies.