If you have a Dtoid account look for an email from me at 5am last night containing a new password -- last night someone posted a screenshot containing roughly 25 usernames and passwords which primarily contained the login information of Destructoid's own editorial team. It's safe to say that we may have had a hacker intrusion, so we changed everyone's info. You can change it again on your profile page if you'd like something more memorable.
When we brought the staff together last night to look at the incident we learned that many of those records appear to be out of date -- they had been changed some time ago or may have only affected forum users (phpBB, which uses a different system than our blogs) which has helped us narrow down their activity on our traffic logs. We are unsure if everyone's information was acquired but are taking all precautions possible and have shut down our forums for the time being, as well as replaced everyone's information with a random code/hash.
As a safety precaution we urge all users that have Dtoid comment accounts to update their Xbox Live, PSN, Steam, Facebook, Myspace, and other passwords if they may have used this password on other web sites. Even if you were not affected at all, take this as a sign from the heavens to tighten up your personal security policy.
No apology long or carefully worded can make this right, so let's move on to what we are doing next: Bringing in a security expert to perform a systems audit on our firewall, systems, and server software. We are also offering a $1,000 cash reward to anyone that has any information on the incident to help IC3 (FBI's internet crime unit) prosecute this person -- after I kick their face in.
I'm terribly sorry about this. We're on it.
Contest:
10:30 AM on 01.19.2009
| 
we discussed the issue for a while on the IRC.
http://destructoid.uservoice.com/pages/general/suggestions/106038-safer-password-storage
Oh well. Shit happens that couldn't have been forseen. I still love you Niero.
How long will the forums be down?
You have my word!
Its a blackhat hacker? What the hell do you expect?
ALSO, FUCK HACKERS
GLOBAL THERMONUCLEAR WAR
It's not like they can sell the info to the blackmarket for billions.
"Jesus Christ, Mike, Jesus Christ, look, let's get them all. Let's hit them all. Now while we got the muscle..." -Frank Pentangeli
Oh snap!
At least I know Niero's got my back. Now we just need Jason Statham on our side and those jerks won't stand a chance.
And I'm pretty sure it's brandan >:(
Let's change something here. Why don't I kick your fucking teeth in and leave Dtoid out of this matter?
Just because you are doing something and are of a certain character doesn't mean anything about the rest of us.
Can we all kick their face in? Thanks much.
But Niero, you guys all handled the situation pretty gracefully. Another reason why I love you.
Funny cause a lot of people here play games on the PC too. You're a fucking idiot, no one likes you, go away.
no matter where you go, no matter how hard you try, ther will always be assholes fuckin things up for everyone.
For the future though, as LinuxGuy said, it's extremely important to only store a hash of passwords server side.
Also, cocks.
And by the way: hacking dtoid has a purpose. If people use the same login and pass for more then one service, let's say ebay, the hacker can mess up maaany things.
Mine got hacked
Fuckers
Well done to Dtoid for recovering as quickly as was possible
Well, everyone needs a password update now and then, right?
Godspeed, Robot leader.
Could this be blog wars scare tactics? Is Crecente in the Web Mob? They haz our child!