Original Post

I just received a junk mail sent to the email address I created specifically for signing up for planetvb. The absolute only way this email could have been used is if planetvb either sold their database or they’ve been hacked.

Please investigate.

8 Replies

Well, there was this in February:

3,000 Databases with 200 Million Unique accounts found on Dark Web

I told KR155E but I don’t know whether he took any action. In any case, you should change your password.

Considering I only registered in August, this has to have been a recent leak…

And that sir is why I have multiple emails and use the various passwords for every account and don’t use the same for my real accounts. But yes, the www redirect url was listed in the dump, but that list is like 6-8 years old.

We changed all the passwords, moved to a new server, switched to SSL, etc, after learning about the hack earlier this year. But since you only joined in August, EkriirkE, it seems likely that there has been another one. It’s not that surprising, unfortunately, since this site still uses an ancient, almost 20 year old CMS and I am afraid we’re stuck with it until I get around to finishing the new site I have been working on…

So for the time being, I can only advice you guys to be careful. Change your passwords to one you only use on this site. If you’re signing up for a new account, set up a new email just for this site, and, most importantly, ignore these scam emails, should you receive one! Those bastard are just trying to scare you, hoping that a few people will actually pay.

Haha now I understand how my netflix account bas been hacked ^^
Then I had to delete the old email account linked to planetvb. I received too many email that pass through the my spamm filter…

KR155E wrote:
It’s not that surprising, unfortunately, since this site still uses an ancient, almost 20 year old CMS and I am afraid we’re stuck with it until I get around to finishing the new site I have been working on…

Has XOOPS changed so much that upgrading is no longer possible without breaking things?

I’ve been on the Internet since it’s conception. I started on VAX dummy terminals browsing Web sites with text only. One thing I learned early on was to provide different information for different sign-ups. Worst thing someone got off me is they know one of my throwaway e-mail accounts (already heavily tweaked for spam) and had a chance (for over a year?) to access my PVB account.

After reading this thread, that password has just been made more defend-able. =)

Speaking on the new site, when are you going to bring it out? I remember you showing me it.

 

Write a reply

You must be logged in to reply to this topic.