Argonath RPG - A World of its own

Community => News and Announcements => Topic started by: Teddy on May 02, 2015, 09:11:26 pm

Title: NOTICE: Security Breach
Post by: Teddy on May 02, 2015, 09:11:26 pm: Attention all members,

We have detected a security intrusion that has compromised several accounts across several forums. This was not a recent intrusion; rather an intrusion caused by lack of care. Late last year some had passwords leaked and many were told to change passwords, most of you did while others apparently did not.

If you've neglected to change your password since this former incident, please change it IMMEDIATELY. Out of precaution we strongly recommend everyone else to change their passwords on all Argonath services. If you use similar passwords on any other accounts across the Internet please change those immediately.

We'll continue to monitor the security and ensure the integrity of Argonath systems as usual and will keep the community informed of any breaches.

Anyone that was banned during the breach please send an email to [email protected] and we'll handle your request, do this with the email registered to your account.
Title: Re: NOTICE: Security Breach
Post by: [NP]Monte Montague on May 02, 2015, 09:20:27 pm: Do NOT use the same password as your email on any of your Argonath forum passwords.
Change your email password FIRST and keep it different from any of the forum passwords you use.
Title: Re: NOTICE: Security Breach
Post by: SugarD on May 02, 2015, 09:24:50 pm: Quote from: [NP]Monte Montague on May 02, 2015, 09:20:27 pm
do NOT keep the email account password the same as any of your forum account passwords!!
Change your email password FIRST.
Then your forum password.

And do not keep them the same...
Agreed. Email accounts are your backup way of retrieving any breached or lost accounts. If that is breached too, you lose everything, and it gives the attacker complete control over a majority of your personal data.

I would also suggest that people not use the same password in the game servers as their forum accounts. This is a bad practice on separated services, as it is harder to monitor these, and can result in multiple accounts being breached at once without the account owners realizing it.
Title: Re: NOTICE: Security Breach
Post by: ClazzyJogel on May 03, 2015, 07:44:19 am: This might explain the sickening posts on wshadows.com just minutes ago...
Title: Re: NOTICE: Security Breach
Post by: [NP]Monte Montague on May 03, 2015, 01:28:20 pm: Quote from: ClazzyJogel on May 03, 2015, 07:44:19 am
This might explain the sickening posts on wshadows.com just minutes ago...

Maybe.

It's not all the users fault but people are not taking account security seriously, they should have DIFFERENT passwords for different websites, services...
Title: Re: NOTICE: Security Breach
Post by: Axison on May 08, 2015, 08:21:05 pm: Is this related to anything that happened this morning with the forums?
Title: Re: NOTICE: Security Breach
Post by: Marcel on May 08, 2015, 08:37:28 pm: Quote from: Axison on May 08, 2015, 08:21:05 pm
Is this related to anything that happened this morning with the forums?
yes, all services were locked down as a result of this breach.
Title: Re: NOTICE: Security Breach
Post by: Teddy on May 09, 2015, 03:24:03 am: The reason for downtime is a direct result of negligence and poor attention to our previous alerts. An unnamed, currently inactive for extended time, leader account was breached and as a result gave an attacker the privileges to essentially deface Argonath. At the time I was too tired to deal with anything so I locked down Argonath and went to sleep. All services were suspended during this time. Upon awaking it was only a matter of moments for me to determine exactly what was done and as I figured... lack of proper policy.

As a result of this Argonath is changing security policy and will be more careful than previous. Those with privileges may notice less permissions in the coming days and weeks as we transition to these new security precautions.
Title: Re: NOTICE: Security Breach
Post by: Devin on May 10, 2015, 11:44:55 am: Quote from: Teddy on May 02, 2015, 09:11:26 pm
If you've neglected to change your password since this former incident, please change it IMMEDIATELY. Out of precaution we strongly recommend everyone else to change their passwords on all Argonath services. If you use similar passwords on any other accounts across the Internet please change those immediately.

Those members with forum accounts that were negligent enough to set the same password after they were forced to update their passwords that then put their accounts at risk of being breached along with wasting forum moderators time will be looking for a hefty ban on the forum.

If you are one of those negligent and lazy people that chose to the exact same password when forced to update them then it is about time you either update the password properly or risk a forum ban. Enough topics have been created about password and account security yet people still seem to ignore the fact that they need to protect their accounts, including staff members.