|
merelcoin
|
|
September 06, 2016, 11:03:09 AM |
|
It's real, the database was hacked last year... If you haven't changed your password since then, it might be wise to do so now. I find it a little weird you didn't know about this, it was the hot topic for weeks when it happened
|
|
|
|
merelcoin
|
|
September 06, 2016, 11:06:37 AM |
|
It's real, the database was hacked last year... If you haven't changed your password since then, it might be wise to do so now. I find it a little weird you didn't know about this, it was the hot topic for weeks when it happened it actually happened yesterday dude AFAIK, this is untrue... A quote from the link you posted (sorry for the caps, but the poster of the article apparently used caps to post this): A HACKER IS SELLING HACKED DATABASE OF BITCOINTALK.ORG, A BITCOIN FORUM THAT WAS HACKED IN MAY 2015 BUT ITS DATABASE WAS LEAKED A COUPLE OF DAYS AGO.
and a second quote from the article: BitcoinTalk.org was hacked in May 2015 but the stolen data was leaked a couple of days ago
|
|
|
|
takingthis4 (OP)
Sr. Member
Offline
Activity: 504
Merit: 250
CryptoTalk.Org - Get Paid for every Post!
|
|
September 06, 2016, 11:06:42 AM |
|
It's real, the database was hacked last year... If you haven't changed your password since then, it might be wise to do so now. I find it a little weird you didn't know about this, it was the hot topic for weeks when it happened wait so the people who created accounts this year are actually safe?
|
|
|
|
awesome31312
|
|
September 06, 2016, 11:16:52 AM |
|
There is already a thread about this. The conclusion of that thread was, they are most likely selling the database from former hacks. The forum administrator confirmed that the most recent attack only led to a shutdown of the site, and not data theft. Still, I would change my password every now and then, for security's sake.
|
Account recovered 08-12-2019
|
|
|
Kakmakr
Legendary
Offline
Activity: 3458
Merit: 1961
Leading Crypto Sports Betting & Casino Platform
|
|
September 06, 2016, 11:19:51 AM |
|
It's real, the database was hacked last year... If you haven't changed your password since then, it might be wise to do so now. I find it a little weird you didn't know about this, it was the hot topic for weeks when it happened wait so the people who created accounts this year are actually safe? Yes, and the people who created it before last year is safe too, if they changed their password when they were told to do it. The password encryption being used is strong enough to withstand most attacks, if you use strong passwords. Just change your password regularly, and make it even more difficult for people to hack it. ^smile^
|
..Stake.com.. | | | ▄████████████████████████████████████▄ ██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄ ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████ ██ ██████████ ██ ██ ██████████ ██ ▀██▀ ██ ██ ██ ██████ ██ ██ ██ ██ ██ ██ ██████ ██ █████ ███ ██████ ██ ████▄ ██ ██ █████ ███ ████ ████ █████ ███ ████████ ██ ████ ████ ██████████ ████ ████ ████▀ ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██ ██ ▀▀▀▀▀▀▀▀▀▀ ██ ▀█████████▀ ▄████████████▄ ▀█████████▀ ▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄ ██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄ █ ▄▀▄ █▀▀█▀▄▄ █ █▀█ █ ▐ ▐▌ █ ▄██▄ █ ▌ █ █ ▄██████▄ █ ▌ ▐▌ █ ██████████ █ ▐ █ █ ▐██████████▌ █ ▐ ▐▌ █ ▀▀██████▀▀ █ ▌ █ █ ▄▄▄██▄▄▄ █ ▌▐▌ █ █▐ █ █ █▐▐▌ █ █▐█ ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄ ▄██▀▀▀▀█████▀▀▀▀██▄ ▄█▀ ▐█▌ ▀█▄ ██ ▐█▌ ██ ████▄ ▄█████▄ ▄████ ████████▄███████████▄████████ ███▀ █████████████ ▀███ ██ ███████████ ██ ▀█▄ █████████ ▄█▀ ▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀ ▀███████ ███████▀ ▀█████▄ ▄█████▀ ▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
merelcoin
|
|
September 06, 2016, 11:21:28 AM |
|
It's real, the database was hacked last year... If you haven't changed your password since then, it might be wise to do so now. I find it a little weird you didn't know about this, it was the hot topic for weeks when it happened wait so the people who created accounts this year are actually safe? They should be, since no data leak was reported for over a year. There is already a thread about this. The conclusion of that thread was, they are most likely selling the database from former hacks. The forum administrator confirmed that the most recent attack only led to a shutdown of the site, and not data theft. Still, I would change my password every now and then, for security's sake. this is indeed a good idear, be carefull tough: some users have the tendancy to look at the security log for password changes, and accuse people of using a bought account when they try to do business using an account that had a recently changed password... It's sad but true
|
|
|
|
Heartilly
|
|
September 06, 2016, 11:23:55 AM |
|
Even if it's true or not, it's not wrong if you will modify your password after reading that article. And besides if you really care to your forum account, you will do regular changes of your password at regular periods.
|
|
|
|
~Bitcoin~
Legendary
Offline
Activity: 994
Merit: 1000
|
|
September 06, 2016, 12:53:48 PM |
|
Even though this hack event was a year old, it came into different hacker related site after someone tried to sell those data in darknet recently. All passwords are encrypted, to break down in numbers; there are 469,540 passwords that are encrypted with the SHA-256 algorithm and 44,868 passwords encrypted with SMF password encryption. I have read somewhere SHA-256 encrypted password are hard to decrypt isn't it? However using strong password like combination of words and number with special character is wise decision with ocassional change of password and using different password for different sites.
|
| ligma | | | | ███ ███ █ ███ █ ███ █ ███ █ ███ █ ███ █ ███ █ ███ █ ███ █ ███ ███ ███ | | ███ ███ ███ █ ███ █ ███ █ ███ █ ███ █ ███ █ ███ █ ███ █ ███ █ ███ ███ | | |
|
|
|
pereira4
Legendary
Offline
Activity: 1610
Merit: 1183
|
|
September 06, 2016, 01:54:02 PM |
|
Even though this hack event was a year old, it came into different hacker related site after someone tried to sell those data in darknet recently. All passwords are encrypted, to break down in numbers; there are 469,540 passwords that are encrypted with the SHA-256 algorithm and 44,868 passwords encrypted with SMF password encryption. I have read somewhere SHA-256 encrypted password are hard to decrypt isn't it? However using strong password like combination of words and number with special character is wise decision with ocassional change of password and using different password for different sites. Well Bitcoin uses SHA256 so it should be pretty safe. Any 10 character password with special characters and upper and lower case is already strong enough to not be able to get brute forced in a lifetime afaik.
|
|
|
|
LFC_Bitcoin
Legendary
Offline
Activity: 3570
Merit: 9799
#1 VIP Crypto Casino
|
|
September 06, 2016, 02:04:30 PM |
|
As long as you changed your password & the email linked to your bitcointalk.org user account since the hack then this is a non issue & you have nothing to worry about.
|
|
|
|
mindrust
Legendary
Offline
Activity: 3290
Merit: 2450
|
|
September 06, 2016, 02:07:10 PM |
|
Old news. It happened a while ago. You don't have anything to worry about if you changed your password. If not, you better do it now than not to be sorry later.
|
. .BLACKJACK ♠ FUN. | | | ███▄██████ ██████████████▀ ████████████ █████████████████ ████████████████▄▄ ░█████████████▀░▀▀ ██████████████████ ░██████████████ █████████████████▄ ░██████████████▀ ████████████ ███████████████░██ ██████████ | | CRYPTO CASINO & SPORTS BETTING | | │ | | │ | ▄▄███████▄▄ ▄███████████████▄ ███████████████████ █████████████████████ ███████████████████████ █████████████████████████ █████████████████████████ █████████████████████████ ███████████████████████ █████████████████████ ███████████████████ ▀███████████████▀ ███████████████████ | | .
|
|
|
|
NorrisK
Legendary
Offline
Activity: 1946
Merit: 1007
|
|
September 06, 2016, 02:16:39 PM |
|
Even it's still encrypted, the hackers still could hack your account if you use weak password or the hacker have hints for your password. If you don't believe me, you might want to check this thread : https://bitcointalk.org/index.php?topic=1544686.0Yeah, they can just compare the hashes of the passwords to a known database and if the sha256 hash matches one in the database, the hackers knows the password as well. You are quite safe if you use non dictionary, non common, non previously used passwords with such encryption in place, as it is almost impossible that it will appear in any rainbow table of any kind.
|
|
|
|
dc1a0
Member
Offline
Activity: 84
Merit: 10
|
|
September 06, 2016, 03:41:08 PM |
|
In the meta section this was brought up after the DDOS attack. They mentioned that was from an attack last year, but I still feel that it's a good idea to change passwords just in case. After all, it's better to be safe than sorry, right?
|
|
|
|
lemipawa
Legendary
Offline
Activity: 1708
Merit: 1003
|
|
September 06, 2016, 03:48:19 PM |
|
Regardless if theres a threat of hack or non at all, we should be proactive in changing our passwords from time to time, it would not take too much time if you would do that every month, that means only 12 passwords in a year that you can prepare prior to changing of password day.
|
|
|
|
Dudeperfect
|
|
September 06, 2016, 03:54:52 PM |
|
Wait, let me change my password. Oh, I just did, now I think I’m safe.
I’m not sure if this is genuine information or not but one should take extreme precaution. I was lazy about my online security but I did security audit of my online identity and found that my 70% online accounts was extremely vulnerable.
Thankfully I have a security schedule now and I change my password during a particular frequency and also enabled 2 factor authentication wherever possible.
|
|
|
|
BillyBobZorton
Legendary
Offline
Activity: 1204
Merit: 1028
|
|
September 06, 2016, 04:04:21 PM |
|
It's impossible to bruteforce a decent sha256 password so that is not a real concern, just don't use the same password anywhere else.
|
|
|
|
prabowo96
Full Member
Offline
Activity: 238
Merit: 100
it's showtime
|
|
September 06, 2016, 04:06:28 PM |
|
Even it's still encrypted, the hackers still could hack your account if you use weak password or the hacker have hints for your password. If you don't believe me, you might want to check this thread : https://bitcointalk.org/index.php?topic=1544686.0Yeah, they can just compare the hashes of the passwords to a known database and if the sha256 hash matches one in the database, the hackers knows the password as well. You are quite safe if you use non dictionary, non common, non previously used passwords with such encryption in place, as it is almost impossible that it will appear in any rainbow table of any kind. That's the way, using strong passwords and changing the password with or without any hack periodically... Why bitcointalk don't use a 2FA? It would be nice for security
|
|
|
|
Hazir
Legendary
Offline
Activity: 1596
Merit: 1005
★Nitrogensports.eu★
|
|
September 06, 2016, 04:14:45 PM |
|
That's the way, using strong passwords and changing the password with or without any hack periodically...
Why bitcointalk don't use a 2FA? It would be nice for security
Because it is forum based on old software in times when no one even heard about 2FA? And new forum software which will probably use 2FA functionality is in development for couple years already. So there is very little reason to waste time and effort to update current version of Forum with new features.
|
|
|
|
ninjada
|
|
September 06, 2016, 04:20:04 PM |
|
I have also seen they publish the DB for sale on alphabey for a cheap price.
|
|
|
|
|