Cloudminr.io is selling his database with some real proof

[DeveloperinDemand]

https://www.reddit.com/r/Bitcoin/comments/3d13os/what_the_actual_fck_cloudminrio_database_for_sale/

Looks like cloudminr.io has already sold it.

A while back I was thinking about investing in some cloud mining since they seemed to be the cheapest around. Luckily after doing some research, I had a strong suspicion that they were a ponzi scheme.
Too bad I made an account on cloudminr and now have to change a lot of passwords

Good idea! May I suggest changing them all from Joseph1 to Joseph2?

LOL that would be awesome I will also do this from 1 to 2
Cool
Thanks for a good idea

[Gleb Gamow]

Okay, I'm not a hacker, but I can now easily see how much damage could be done with that list. I simply scrolled down and picked out three that seemed to have any sort of value. I successfully logged into other sites that two out of the three administer. Given enough time, I'm sure I could log into financial accounts of a many of these dudes, amassing tens, if not hundreds of dollars worth of cryptocurrencies, namely mostly bitcoins.

Rest assured, others are exactly on that path. Fuckin' amazing!

[BadBear]

It's amazing that people reuse usernames, passwords, and emails on shady sites like that.

[DeveloperinDemand]

It's amazing that people reuse usernames, passwords, and emails on shady sites like that.

It will be good if you show a notification in the news section to change all password that are related to cloudminr.io
like this If you are using any wallet other than Bitcoin Core 0.10.x or 0.9.5, then you should not trust incoming transactions until they have ~30 confirmations. More info.

One more thing - Can i make a new account on the forum? or just leave the forum immediately?

[jeffthebaker]

After seeing the first 1k users posted on the site yesterday, I tried logging into the gmails of maybe 10 accounts. 5 out of 10 were using the same passwords on cloudminr.io and gmail. Luckily, 4/5 had 2FA enabled, and the other account was disabled by google due to suspicious activity. Either way, from the small sample it became apparent a lot of users are in danger of having their information compromised on many sites. Hopefully everyone who had an account with cloudminr finds out about this and takes appropriate security measures.

[Gleb Gamow]

Hackers sell 79,267 Cloudminr accounts for ONE Bitcoin

[notlist3d]

It's amazing that people reuse usernames, passwords, and emails on shady sites like that.

In this day and age it is honestly surprising.  I recommend using a different password for every site.  Yes it can be a pain, but there is good software to help with it.

If you use one for each site... if you see a database you can tell which site from password... kinda neat.   Normally leaks tell where they are from but if they didnt you could still tell.


BadBear if you could please tell me the rules on this if you have time.  Is it actually ok for someone with good intentions to change passwords on this site?  It just sounds like unauthorized access to me, and even with good intentions I just am really surprised anyone is doing it.  Below is what caused me to ask:

How do you manage to control greatgreat account?

I'm checking and changing all the password to protect the accounts from hack through another browser

Is this ok with forum rules?  I cant imagine this being ok even with good intentions.

I guess I could be wrong.  Just seems like it's a unauthorized accessing of account no matter what intentions are.

K can I change the password of all these accounts to what it is so hackers take these account and then all thing will be assumed as authorised.
If you want me to do this I will do but before that see the digital goods section with lots of bitcointalk account on sale.

[BadBear]

Not against the rules, no.

Is your problem that it happened, or that you don't trust the person who did? Would you still expect action taken if it were someone you know and trust?

[DeveloperinDemand]

Not against the rules, no.

Is your problem that it happened, or that you don't trust the person who did? Would you still expect action taken if it were someone you know and trust?

I'm going to delete this account by changing its password to random one
you can email me or PM me on my real account BTCBLOGGER for anything you want.

[BTCBLOGGER]

I'm going to delete this account by changing its password to random one
you can email me or PM me on my real account BTCBLOGGER for anything you want.

Account DeveloperinDemand deleted and password is changed to KkSqq+XV5x{HBnCpmj4s8Dv;3%SH2yc&`KP=EBz4,VLD+xzm#d'<2V3"$q.\b*'b3@2fw-#MK*DC<wh]tq%d=6EVMrd!Lyv=MISSING%\7e}TY[_+}~yneN5xVhB#N#[hcY^DY=8BQj'8="A{249JLMu3~h%3p\q9:CJx5#%Zk@&DN(BxJFUsv6sdy)Jrmv",KK5XhW%U!H@e.6Y8Ft}<#xfy@/q]B9L6VS"m'+J6<6ehC@""tAvj8U(MEMA;B2j

[Quickseller]

I'm going to delete this account by changing its password to random one
you can email me or PM me on my real account BTCBLOGGER for anything you want.

Account DeveloperinDemand deleted and password is changed to KkSqq+XV5x{HBnCpmj4s8Dv;3%SH2yc&`KP=EBz4,VLD+xzm#d'<2V3"$q.\b*'b3@2fw-#MK*DC<wh]tq%d=6EVMrd!Lyv=MISSING%\7e}TY[_+}~yneN5xVhB#N#[hcY^DY=8BQj'8="A{249JLMu3~h%3p\q9:CJx5#%Zk@&DN(BxJFUsv6sdy)Jrmv",KK5XhW%U!H@e.6Y8Ft}<#xfy@/q]B9L6VS"m'+J6<6ehC@""tAvj8U(MEMA;B2j

That is defiantly not the password you changed it to...

[BTCBLOGGER]

I'm going to delete this account by changing its password to random one
you can email me or PM me on my real account BTCBLOGGER for anything you want.

Account DeveloperinDemand deleted and password is changed to KkSqq+XV5x{HBnCpmj4s8Dv;3%SH2yc&`KP=EBz4,VLD+xzm#d'<2V3"$q.\b*'b3@2fw-#MK*DC<wh]tq%d=6EVMrd!Lyv=MISSING%\7e}TY[_+}~yneN5xVhB#N#[hcY^DY=8BQj'8="A{249JLMu3~h%3p\q9:CJx5#%Zk@&DN(BxJFUsv6sdy)Jrmv",KK5XhW%U!H@e.6Y8Ft}<#xfy@/q]B9L6VS"m'+J6<6ehC@""tAvj8U(MEMA;B2j

That is defiantly not the password you changed it to...

Yes, it is I just replaced few symbols with word missing that's all.

[ShawnCart]

In the marketplace some one is selling this database. Passwords are just stored in plain text .

[notlist3d]

Not against the rules, no.

Is your problem that it happened, or that you don't trust the person who did? Would you still expect action taken if it were someone you know and trust?

If allowed my fear is someone claiming it is for good "to stop hackers" and just collect accounts.   I'm guessing a list is made of usernames and passwords.   I guess I don't like the idea of someone being able to claim being a good guy when making a list of accounts and passwords.

I guess it's becuse it could be sold and we see lots of unused accounts, from people who claim they were good at first changing passwords.  I guess I see them doing the same as the "bad guys".

Ohh well guess I'm over thinking it.  But was nothing against OP.

[hilariousandco]

It's amazing that people reuse usernames, passwords, and emails on shady sites like that.

Indeed, though they've probably learned the hard way now.

BadBear if you could please tell me the rules on this if you have time.  Is it actually ok for someone with good intentions to change passwords on this site?  It just sounds like unauthorized access to me, and even with good intentions I just am really surprised anyone is doing it.  Below is what caused me to ask:

There's nothing anyone can do about it if their details are public, but if he's actually saving the people from having their accounts hacked it's best that someone with good intentions does it than someone with nefarious ones.

Not against the rules, no.

Is your problem that it happened, or that you don't trust the person who did? Would you still expect action taken if it were someone you know and trust?

If allowed my fear is someone claiming it is for good "to stop hackers" and just collect accounts.   I'm guessing a list is made of usernames and passwords.   I guess I don't like the idea of someone being able to claim being a good guy when making a list of accounts and passwords.

And what would you suggest be done about it? Say "no, you can't do it"? Not going to stop anyone is it (good or bad)?

[BTCBLOGGER]

grtthegreat will be back in few minutes as he is in my contact and i'm trying to verify details
After verification he will be online
Cheers

[notlist3d]

Not against the rules, no.

Is your problem that it happened, or that you don't trust the person who did? Would you still expect action taken if it were someone you know and trust?

If allowed my fear is someone claiming it is for good "to stop hackers" and just collect accounts.   I'm guessing a list is made of usernames and passwords.   I guess I don't like the idea of someone being able to claim being a good guy when making a list of accounts and passwords.

And what would you suggest be done about it? Say "no, you can't do it"? Not going to stop anyone is it (good or bad)?

I guess it's true.  I can see how it's a crappy situation no matter which way you go about it. 

I have been thinking about it but everything seems to have a downside.  Best would be able to run a script that looks for emails/username in database and changes password if on it, and emails a reset password email.  But the big problem is the people who did not use a real email.  So causes a headache still.

I guess noting can really be done except hoping users start to use different passwords.  Seems to be only easy/simple way to keep this from happening.

[Blawpaw]

Cloudminr.io is being accused of running a ponzi scheme... they still have the site down!

"This Account Has Been Suspended"

Do you think you will ever see the site up again?

[0xF6487E]

Cloudminr.io is being accused of running a ponzi scheme... they still have the site down!

"This Account Has Been Suspended"

Do you think you will ever see the site up again?

Right after Mt. Gox and BitInstant open up for trade.

[aBhsNc6NKn]

Not against the rules, no.

Is your problem that it happened, or that you don't trust the person who did? Would you still expect action taken if it were someone you know and trust?

I'm going to delete this account by changing its password to random one
you can email me or PM me on my real account BTCBLOGGER for anything you want.

YOU HAVE BEEN FUCKED, FINALLY. Don't create another new account and beg for new projects by using your holy shit companies like osiztechnologies.com / osiz technologies / web solusionz / and other crappy scam names.

Veliya pongada ayokiya raskalgala