dutnguye is saying he was hacked, and today he had a quick sale -he posted over at AT and ssaid he heatware was hacked as well. This is a FYI

Regarding the question if the entire HeatWare database was compromised. Obviously, I have no way to guarantee this but I am very confident that this was not the case. Heatware resides on a dedicated server that only myself and the hosting provider has access to. All OS packages and dependencies are kept up-to-date to limit vulnerabilities. Security scans and Firewalls are in place. I've reviewed server access logs and do not see ANY recent logins to the shell. We use a very reputable host with an outstanding track record - hence the high hosting cost and dependence on member donations to keep the site running.

I have reviewed the failed login attempts from the last few days. I am seeing a few dozen total failed login attempts, not hundreds or thousands that you may expect during an attack. For the breached accounts listed above, it appears the first attempt was successful....
 
heat23 said:
Regarding the question if the entire HeatWare database was compromised. Obviously, I have no way to guarantee this but I am very confident that this was not the case. Heatware resides on a dedicated server that only myself and the hosting provider has access to. All OS packages and dependencies are kept up-to-date to limit vulnerabilities. Security scans and Firewalls are in place. I've reviewed server access logs and do not see ANY recent logins to the shell. We use a very reputable host with an outstanding track record - hence the high hosting cost and dependence on member donations to keep the site running.

I have reviewed the failed login attempts from the last few days. I am seeing a few dozen total failed login attempts, not hundreds or thousands that you may expect during an attack. For the breached accounts listed above, it appears the first attempt was successful....
Click to expand...
Other source of compromise. Good to know.
 
LFaWolf said:
When I did a GPU trade with a long-time member here, I did a LinkedIn connect with him to make sure everything check out. I even did an RMA for him this summer when he sent me the card and some extra $ to cover the shipping back to him. Extra caution is warranted for high-value items.

Personally, I buy almost everything through PayPal Goods and Services, unless the item value is less than $100 that I can take the loss.
Click to expand...
I was the other user on this. I did everything I needed to make LFaWolf comfortable - I was hte one seeking the trade, after all. I'd have taken a phone call if he wanted, but given the shortage, a LinkedIn connect also wasn't a big deal. Whatever it takes on high-value deals I'm happy to do - emails, phone, texts - whatever. Well, short of satellite photos of my arse hanging out, I guess. That might go somewhere weird.

Also, RMAed card is still working great, and I still appreciate you doing that deal :)
 
The latest "compromised account" flag I've had in my password manager was Thingiverse. None of my other accounts appear to be affected since I used strong and different passwords for each site (via the password manager). Not sure if this could stem from that. It's frustrating not to know where the source of the breach may have been, though. Went ahead and enabled 2FA for [H] and changed pw, though.
 
2FA enabled here as well. I haven't sold anything here but I do buy stuff.
 
  • Like
Reactions: File
like this
Have any mods here been able to determine if requiring 2FA to be enabled in order to be able to use the FS/FT forum is possible?

If it isn't possible on a per forum basis, what about site wide?
 
Yes sir LFaWolf , I did in fact get hacked at EVGA forums!!!!!!!

I was able to change my password and have notified admin on this as well.
 
No, it was an old password that I used on many sites. I just hadn't been over at EVGA in a long time and hadn't changed it yet.

Got it changed yesterday though.
 
You must log in or register to reply here.
Back
Top