I would like to ask theymos to introduce a field in the profile panel where we could check all the information that got leaked during the hack.
I 'm mostly concerned about registration and last ip address used because it could be used to associate alt accounts.
Many of us use alt accounts for participating in signature giveaways (people often auto-ignore those who use ads in their sigs), or just to be able to express some thoughts more freely (no one wants an angry mob against him just because he called a scam-coin... scam-coin
).
The hacker now has more information about my accounts than me and this makes me feel very uncomfortable.
Thank you.
Ps. For obvious reasons i'm using a new account for this post.
why would you need that when you already know what got leaked?
On May 22 at 00:56 UTC, an attacker gained root access to the forum's server. He then proceeded to try to acquire a dump of the forum's database before I noticed this at around 1:08 and shut down the server. In the intervening time, it seems that he was able to collect some or all of the "members" table. You should assume that the following information about your account was leaked:
- Email address
- Password hash (see below)
- Last-used IP address and registration IP address
- Secret question and a basic (not brute-force-resistant) hash of your secret answer
- Various settings
full post here
https://bitcointalk.org/index.php?topic=1067985.msg11445725#msg11445725change everything and you're as good as new. no need to change your email address if it is secure enough and if you don't mind spams. but change it anyway if you want to be sure
