Ethereum

Safety alert [12/19/2016]: Ethereum.org Boards Database Compromised

kingcryptonews
kingcryptonews
Safety alert [12/19/2016]: Ethereum.org Boards Database Compromised


On December 16, we have been made conscious that somebody had lately gained unauthorized entry to a database from discussion board.ethereum.org. We instantly launched an intensive investigation to find out the origin, nature, and scope of this incident. Here’s what we all know:

  • The knowledge that was lately accessed is a database backup from April 2016 and contained details about 16.5k discussion board customers.
  • The leaked data consists of

    • Messages, each private and non-private
    • IP-addresses
    • Username and electronic mail addresses
    • Profile data
    • Hashed passwords

      • ~13k bcrypt hashes (salted)
      • ~1.5k WordPress-hashes (salted)
      • ~2k accounts with out passwords (used federated login)

  • The attacker self-disclosed that they’re the identical particular person/individuals who lately hacked Bo Shen.
  • The attacker used social engineering to realize entry to a cell phone quantity that allowed them to realize entry to different accounts, one in every of which had entry to an outdated database backup from the discussion board.

We’re taking the next steps:

  • Discussion board customers whose data could have been compromised by the leak will likely be receiving an electronic mail with extra data.
  • We’ve got closed the unauthorized entry factors concerned within the leak.
  • We’re implementing stricter safety tips internally corresponding to eradicating the restoration cellphone numbers from accounts and utilizing encryption for delicate knowledge.
  • We’re offering the e-mail addresses that we imagine have been leaked to https://haveibeenpwned.com, a service that helps talk with affected customers.
  • We’re resetting all discussion board passwords, efficient instantly.

In case you have been affected by the assault we suggest you do the next:

  • Be certain that your passwords are usually not reused between providers. You probably have reused your discussion board.ethereum.org password elsewhere, change it in these locations.

Moreover, we suggest this wonderful weblog submit by Kraken that gives helpful details about the right way to shield in opposition to all these assaults.

We deeply remorse that this incident occurred and are working diligently internally, in addition to with exterior companions to deal with the incident.

Questions might be directed to safety@ethereum.org.

You Might Also Like

State of Ethereum: August Version

Constancy asks SEC to permit staking in Ethereum ETF to spice up investor returns

Swiss nonprofit BIO Affiliation to launch BIO tokens for decentralized biotech community

Ethereum Protocol Research 2025 | Ethereum Basis Weblog

Ethereum Protocol Fellowship Cohort 5 Recap

Share This Article
Previous Article Subsequent Coin to Explode? Here is Why AurealOne (DLUME) Might Skyrocket After Trump’s Election Win Subsequent Coin to Explode? Here is Why AurealOne (DLUME) Might Skyrocket After Trump’s Election Win
Next Article BDAG to Hit ? How CEX Listings Might Moon BlockDAG BDAG to Hit $20? How CEX Listings Might Moon BlockDAG
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *