Announcement

Collapse
No announcement yet.

Security breach

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Security breach

    First of all: great product.

    Now that's out of the way please allow me to tear you a new one.

    Your "faq" and email states that the attack was blocked. It clearly was not. If it was blocked I would not be waking up to your email.

    It would have been even better if you had not locked the FAQ thread so I (and no doubt others) wouldn't be about to create 1000 threads with the same content.

    I am extremely dissatisfied that my personal information has been left vulnerable because of your lax security.

    I bet I am not the only one.

  • #2
    Agreed, blocked is not the same as "they have your email". Also the passwords, where they just MD5 hashes or where they salted?

    Comment


    • #3
      Please delete my account.

      It's not open to discussion.

      Thanks.

      Comment


      • #4
        Yeah we need to know more about the password leak, you try to play it down in your FAQ but you recommend changing it on other forums, tell us more.

        Comment


        • #5
          wow ... drama llama's are in season

          Originally Posted by mupet0000 View Post
          Yeah we need to know more about the password leak, you try to play it down in your FAQ but you recommend changing it on other forums, tell us more.
          you'd be a grade a moron to use the same password on two sites, and deserve everything that befalls you


          The FAQ is quite clear ...

          breach detected and stopped ...
          RECOMMEND you change your password (covering their arses) ...
          Also, if you're a brain dead retard and use the same password on other sites, best you change that password as well

          I can't see what more could be said
          "If you don't like DNAS, write your own damn system"

          So I did

          Comment


          • #6
            I've not used this forum in years and luckily the password was one I no longer use.

            However the email I received said "your email address was exposed as a result of the attack", if it was just my email address why tell me to change my password?

            Was it more than just email addresses that were exposed? Is it a hash that someone has their hands on or is it more than you're letting on?

            Comment


            • #7
              Originally Posted by newmeja View Post
              I've not used this forum in years and luckily the password was one I no longer use.

              However the email I received said "your email address was exposed as a result of the attack", if it was just my email address why tell me to change my password?

              Was it more than just email addresses that were exposed? Is it a hash that someone has their hands on or is it more than you're letting on?
              surely it's better to err on the side of caution

              I for one respect the fact that I was contacted about this - if they were sure passwords were not compromised, they could've remained silent about it and nobody would know any different - may get some more spam, but my wife wants my dick bigger and stay hard longer, so it's win win
              "If you don't like DNAS, write your own damn system"

              So I did

              Comment


              • #8
                Originally Posted by jaromanda View Post
                surely it's better to err on the side of caution
                Oh don't get me wrong, disclosure is good and I'm glad they've come forward.

                My email address is already all over the Internet so I'm not too upset, I would just like absolute confirmation that nothing else was breached.

                Comment


                • #9
                  So were passwords stored in the DB as plain text?

                  Comment


                  • #10
                    Originally Posted by newmeja View Post
                    Oh don't get me wrong, disclosure is good and I'm glad they've come forward.

                    My email address is already all over the Internet so I'm not too upset, I would just like absolute confirmation that nothing else was breached.
                    I think all the info they're prepared to release was in the email
                    "If you don't like DNAS, write your own damn system"

                    So I did

                    Comment


                    • #11
                      Ok so they blocked an attack on the DB, entirely or only in part? How long did the attackers get access to the DB before they were blocked. If they did get access to the DB then surely more than just email address obtained.

                      Comment


                      • #12
                        Originally Posted by Third_of_Five View Post
                        Ok so they blocked an attack on the DB, entirely or only in part? How long did the attackers get access to the DB before they were blocked. If they did get access to the DB then surely more than just email address obtained.
                        change your passwords

                        change any passwords that are identical on other sites

                        move on with your life


                        how hard is that?
                        "If you don't like DNAS, write your own damn system"

                        So I did

                        Comment


                        • #13
                          The fact is the email addresses were stolen.. I don't care about this stupid Winamp account password, but I do care about my private email and spam!

                          I want my account deleted as well (havent used it since 2003 anyway.) Please delete it or let me know how to. Cant find the option anywere, not even in the help section.

                          Comment


                          • #14
                            Originally Posted by nik_bloemers View Post
                            I want my account deleted as well (havent used it since 2003 anyway.) Please delete it or let me know how to. Cant find the option anywere, not even in the help section.
                            did you read the FAQ link posted in the email?
                            "If you don't like DNAS, write your own damn system"

                            So I did

                            Comment


                            • #15
                              here ... let me read it for you

                              5) How can I delete my account?

                              We understand how important trust is on the web, and some of you may wish to delete your Winamp Forums account. To delete your account make sure that you are logged into the Winamp Forums and follow these simple instructions:

                              Scroll down to the bottom of the forum home page and click on View Forum Leaders. Scroll down to the Root section to see the list of Administrators. Send your deletion request to DJ Egg or DrO using the contact link to the right of the administrator's name. The Administrator will delete your account upon receiving the private request message and send you a confirmation email once the account is deleted.
                              "If you don't like DNAS, write your own damn system"

                              So I did

                              Comment

                              Working...
                              X
                              😀
                              🥰
                              🤢
                              😎
                              😡
                              👍
                              👎