landshark 1 Posted June 10, 2012 Tonic, you mentioned sending out a mass email alerting the forum users that security breach happened and people's email/passwords were taken.Considering you had to roll back to a DB backup from May 22nd (I believe), how is anyone going to receive a mass email? There were tens of thousands of people who signed up between then and now, all of which have lost their forum accounts entirely and none of which will be receiving any email alerts.I'm really curious how this is going to be handled. Share this post Link to post Share on other sites
therussiandong@hotmail.com 5 Posted June 10, 2012 WHAT? Share this post Link to post Share on other sites
clever 12 Posted June 10, 2012 WHAT?You didn't read the announcement? Holy shit...maybe the database reset sent us back in time! Share this post Link to post Share on other sites
infinitegrim 47 Posted June 10, 2012 So thats why I couldnt login or reset my password Share this post Link to post Share on other sites
reuter 120 Posted June 10, 2012 We got some very deep security issues. Share this post Link to post Share on other sites
landshark 1 Posted June 10, 2012 I only found out by chance, before realizing my account was gone. There's an announcement somewhere talking about someone who hacked the forums and got not only everyone's unsernames/passwords (of course the passwords were encrypted, although still possible to decypher them), they also got all the admin usernames/logins for all of the DayZ hosted servers. Tonic's solution was to send out a mass email to everyone explaining what happened. Except, as I mentioned before, how are all the effected people going to get that email when their accounts no longer exist? Share this post Link to post Share on other sites
WildGunsTomcat 78 Posted June 10, 2012 LOL....it'll be handled by them coming on a realizing they don't have accounts anymore.Then they'll get curious and go to the announcement forums and read what happened. Why you think that anyone owes anyone ANY explanation on THEIR forum is beyond me....but meh. Share this post Link to post Share on other sites
Max Planck 7174 Posted June 10, 2012 WHAT? Your man Tonic put an extremely clear and visible post in the Announcements forum' date=' didn't you see it? It was called 'LOLTHEYTROLOL!' or something to that effect. Clearly, they have done all they could.[hr']Why you think that anyone owes anyone ANY explanation on THEIR forum is beyond me....but meh. Because you are supposed to handle personal information in a safe and secure manner? Because you want people to play your mod and to be taken seriously as a developer, not to be known wide and far for ignoring security issues? Share this post Link to post Share on other sites
Boss (DayZ) 1 Posted June 10, 2012 So you scrubs don't use different passwords for everything? Share this post Link to post Share on other sites
Legacy (DayZ) 1091 Posted June 10, 2012 I would imagine using the current forum as it is on a private website, emailing everyone then deleting the forum. Share this post Link to post Share on other sites
landshark 1 Posted June 10, 2012 LOL....it'll be handled by them coming on a realizing they don't have accounts anymore.Then they'll get curious and go to the announcement forums and read what happened. Why you think that anyone owes anyone ANY explanation on THEIR forum is beyond me....but meh.Well, because personal information was stolen. Also, I believe there's a law requiring the website owner to alert all members when their info is stolen. Share this post Link to post Share on other sites
Max Planck 7174 Posted June 10, 2012 So you scrubs don't use different passwords for everything? No, not at all. I would need 143296400 passwords to do that.I use strong unique PW's for things like online banking and Email, and then I have a couple of easy fast PW's for things like gaming forums. I honestly don't care much if someone comes in here pretending to be me, but I do care that the email account I used signing up to this forum just started getting spam. I'm not saying it's related to the security breach, but it is a strange coincidence seeing how its been spam free for a couple of years until now. So there's that. Share this post Link to post Share on other sites
kilmannan 1 Posted June 10, 2012 That's a well-made point OP.If there has been a security breach and the first reaction was to shut-down the Forum and rollback, you've lost the emails of those people that joined since the last backup and you've lost the means to inform them.Sure, you can make a post on the Forum and website, but what happens if you're away with other commitments / don't check the website that often?You've now got a compromised account which whilst no longer in existence here at DayZ, could be used to gain access elsewhere if you have poor password standards.Partial blame on you for having poor password standards, majority blame on the Day Z website admin for not approaching the breach in a mature and thought out manner.I saw the message put up whilst the Forum was down - very childish. Share this post Link to post Share on other sites
dale0404 16 Posted June 10, 2012 @Max, me thinks your telling porkies just to gain some credence to your post. Share this post Link to post Share on other sites
Max Planck 7174 Posted June 10, 2012 @Max' date=' me thinks your telling porkies just to gain some credence to your post.[/quote'] Porkies, eh? If you refer to my number of passwords then yes, that was an ever so slight exaggeration. Regarding the spam, I have indeed received spam today for the first time in a few years time. A single (1) mail only though, so if that is not enough for you then... Go get stuffed. It does not have anything to do with the point. Share this post Link to post Share on other sites
