dutnguye is saying he was hacked, and today he had a quick sale - he posted over at AT and said his heatware was hacked as well. This is an FYI.

heat23

Weaksauce
Joined
May 20, 2009
Messages
89
Regarding the question if the entire HeatWare database was compromised. Obviously, I have no way to guarantee this but I am very confident that this was not the case. Heatware resides on a dedicated server that only myself and the hosting provider have access to. All OS packages and dependencies are kept up-to-date to limit vulnerabilities. Security scans and Firewalls are in place. I've reviewed server access logs and do not see ANY recent logins to the shell. We use a very reputable host with an outstanding track record - hence the high hosting cost and dependence on member donations to keep the site running.

I have reviewed the failed login attempts from the last few days. I am seeing a few dozen total failed login attempts, not hundreds or thousands that you may expect during an attack. For the breached accounts listed above, it appears the first attempt was successful....
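
Added example, not part of heat23's post and not HeatWare's code: one way to run the check described above over an authentication log, separating logins from a new IP that succeeded on the first try from logins that succeeded only after repeated failures. The event layout, the labels and the threshold of 5 are assumptions, and the sample events are constructed.

```python
from collections import defaultdict

# Constructed sample events: (ISO timestamp, account, source IP, outcome).
# Not HeatWare data; addresses are from the RFC 5737 documentation ranges.
SAMPLE_EVENTS = [
    ("2021-01-01T08:00:00", "alice", "192.0.2.10", "ok"),
    ("2021-01-02T08:05:00", "alice", "192.0.2.10", "ok"),
    ("2021-01-03T03:12:00", "alice", "203.0.113.7", "ok"),   # new IP, no failures
    ("2021-01-01T09:00:00", "bob", "198.51.100.4", "ok"),
    ("2021-01-03T04:00:09", "bob", "203.0.113.9", "ok"),     # new IP after failures
    ("2021-01-01T10:00:00", "carol", "192.0.2.55", "ok"),
    ("2021-01-03T10:00:00", "carol", "192.0.2.55", "fail"),  # owner mistyped
    ("2021-01-03T10:00:20", "carol", "192.0.2.55", "ok"),
] + [("2021-01-03T04:00:0%d" % i, "bob", "203.0.113.9", "fail") for i in range(5)]

GUESSING_THRESHOLD = 5  # assumed cut-off for "repeated failures"


def count_failures(events):
    """Total failed logins in the window (the 'dozens vs. thousands' figure)."""
    return sum(1 for _, _, _, outcome in events if outcome == "fail")


def classify_logins(events, threshold=GUESSING_THRESHOLD):
    """Label each account that logged in successfully from an IP not seen
    in its earlier successful logins. Accounts with no baseline are skipped."""
    known_ips = defaultdict(set)   # account -> IPs with an earlier success
    failures = defaultdict(int)    # (account, ip) -> failures since last success
    findings = {}
    for _, account, ip, outcome in sorted(events):  # ISO strings sort by time
        if outcome == "fail":
            failures[(account, ip)] += 1
            continue
        if known_ips[account] and ip not in known_ips[account]:
            n = failures[(account, ip)]
            if n == 0:
                # Password was already known: reuse or a leak elsewhere.
                findings[account] = "first-attempt success from new IP"
            elif n >= threshold:
                findings[account] = "success after repeated failures"
            else:
                findings[account] = "new IP after a few failures"
        known_ips[account].add(ip)
        failures[(account, ip)] = 0
    return findings


if __name__ == "__main__":
    print(count_failures(SAMPLE_EVENTS), classify_logins(SAMPLE_EVENTS))
```
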
 

Joust

Supreme [H]ardness
Joined
Nov 30, 2017
Messages
5,979
Regarding the question if the entire HeatWare database was compromised. Obviously, I have no way to guarantee this but I am very confident that this was not the case. Heatware resides on a dedicated server that only myself and the hosting provider have access to. All OS packages and dependencies are kept up-to-date to limit vulnerabilities. Security scans and Firewalls are in place. I've reviewed server access logs and do not see ANY recent logins to the shell. We use a very reputable host with an outstanding track record - hence the high hosting cost and dependence on member donations to keep the site running.

I have reviewed the failed login attempts from the last few days. I am seeing a few dozen total failed login attempts, not hundreds or thousands that you may expect during an attack. For the breached accounts listed above, it appears the first attempt was successful....
Other source of compromise. Good to know.
 

lopoetve

Extremely [H]
Joined
Oct 11, 2001
Messages
33,582
When I did a GPU trade with a long-time member here, I did a LinkedIn connect with him to make sure everything checked out. I even did an RMA for him this summer when he sent me the card and some extra $ to cover the shipping back to him. Extra caution is warranted for high-value items.

Personally, I buy almost everything through PayPal Goods and Services, unless the item value is less than $100 that I can take the loss.
I was the other user on this. I did everything I needed to make LFaWolf comfortable - I was the one seeking the trade, after all. I'd have taken a phone call if he wanted, but given the shortage, a LinkedIn connect also wasn't a big deal. Whatever it takes on high-value deals I'm happy to do - emails, phone, texts - whatever. Well, short of satellite photos of my arse hanging out, I guess. That might go somewhere weird.

Also, RMAed card is still working great, and I still appreciate you doing that deal :)
 

xx0xx

Gawd
Joined
Oct 20, 2005
Messages
776
The latest "compromised account" flag I've had in my password manager was Thingiverse. None of my other accounts appear to be affected since I used strong and different passwords for each site (via the password manager). Not sure if this could stem from that. It's frustrating not to know where the source of the breach may have been, though. Went ahead and enabled 2FA for [H] and changed pw, though.
 

wra18th

[H]F Junkie
Joined
Nov 11, 2009
Messages
8,359
2FA enabled here as well. I haven't sold anything here but I do buy stuff.
 

ClockerXP

Gawd
Joined
Jan 6, 2005
Messages
636
Have any mods here been able to determine if requiring 2FA to be enabled in order to be able to use the FS/FT forum is possible?

If it isn't possible on a per forum basis, what about site wide?
 

stinger608

Supreme [H]ardness
Joined
Sep 13, 2009
Messages
5,903
Yes sir LFaWolf, I did in fact get hacked at EVGA forums!!!!!!!

I was able to change my password and have notified admin on this as well.
 

stinger608

Supreme [H]ardness
Joined
Sep 13, 2009
Messages
5,903
No, it was an old password that I used on many sites. I just hadn't been over at EVGA in a long time and hadn't changed it yet.

Got it changed yesterday though.
 