Users Can Now Change Passwords; Additional Data Breached
SSRG member Hapisan advised users of the Sonic Stuff Research Group to not log into their forum accounts this morning, as a plain text database for the whole forum was discovered–allowing anyone with access to compromise user data there and potentially elsewhere.
The problem has since been fixed, and SSRG administrators are now investigating, as we learned via a News Tip from Spanner later in the morning.
“This was not done as an official modification, this was a deliberate malicious hacking attempt by someone with access,” said SSRG admin Qjimbo, who also revealed data beyond users’ passwords had been compromised.
“PsychoSk8r’s FTP account was also compromised on the server and scripts were uploaded that allowed the perpetrator to run a telnet daemon and run whatever commands they wished,” Qjimbo continued.
Once thoroughly investigated, the snafu may be the key to figuring out what led to the compromise of Sonic Retro forum admin Dustin Wyatt’s credentials, and perhaps data from Stealth, who had sensitive work of his leaked this week.
SSRG forumers should change their passwords as soon as possible. For the record, SSRG is a TSSZ affiliate.
Loading ...
The return of the “DRAAAAAAAAA” header. lol.
Just for the record, I’m not an admin at SSRG. XD;
What, does the SSRG not even get its own logo? Drama one seems overkill. The issue has already been sorted out, and anyone with an account SHOULD CHANGE ITS PASSWORD EVERYWHERE.
“…plain text database for the whole forum was discovered this morning.”
Why do people continue to believe keeping important things in plain text is a good idea? As Spanner said, if you’re a user of SSRG, change your passwords for everything, most importantly your email. All these gaming-related leaks as of late is really getting annoying.