what's this??? (about forum password changes) - Snowblower Forum : Snow Blower Forums
Reply
 
LinkBack Thread Tools
post #1 of 22 Old 06-24-2016, 10:32 PM Thread Starter
Senior Member
 
micah68kj's Avatar
 
Join Date: Oct 2011
Location: S. C. Pa. 39.755928, -77.577766
Posts: 4,882
Post Thanks / Like
Thanks (Given): 139
Thanks (Received): 269
Likes (Given): 371
Likes (Received): 912
what's this??? (about forum password changes)

Showing up when I logged in just now.
Spam/phishing/ad?

Joe

Sent from my junky old Hisense 7" tablet that I can barely see.
Toro 724
Toro CCR 3650E
Toro 5/21 sold
Ariens 5/22 ss ..Sold
Ariens Sno Tek 7/24 sold.
Old green plastic snow shovel... Sent.to shovel Heaven
Old quarry shovel for ice.
New.green shovel
micah68kj is offline  
Sponsored Links
Advertisement
 
post #2 of 22 Old 06-25-2016, 06:14 AM Thread Starter
Senior Member
 
micah68kj's Avatar
 
Join Date: Oct 2011
Location: S. C. Pa. 39.755928, -77.577766
Posts: 4,882
Post Thanks / Like
Thanks (Given): 139
Thanks (Received): 269
Likes (Given): 371
Likes (Received): 912
Never mind... I know what it it is now.

Joe

Sent from my junky old Hisense 7" tablet that I can barely see.
Toro 724
Toro CCR 3650E
Toro 5/21 sold
Ariens 5/22 ss ..Sold
Ariens Sno Tek 7/24 sold.
Old green plastic snow shovel... Sent.to shovel Heaven
Old quarry shovel for ice.
New.green shovel
micah68kj is offline  
post #3 of 22 Old 06-25-2016, 09:16 AM
Senior Member
 
Big Ed's Avatar
 
Join Date: Feb 2013
Location: New Jersey
Posts: 1,000
Post Thanks / Like
Thanks (Given): 10
Thanks (Received): 18
Likes (Given): 9
Likes (Received): 54
Garage
**** Hackers ought to be SHOT!


Copy and paste,

45 million accounts hosted on VerticalScope’s 1,100 sites have been compromised by hackers.




E
xperts at LeakedSource, a breach notification website, believe that VerticalScope, which owns sites like VWVortex and TTAC, may have stored too much data in one or several connected servers. The volume of data cracking one server may have given hackers access to several others, as they say, “there is no other way to explain a theft on such a large scale.”

Furthermore, a database sample given to ZDNet shows passwords that were hashed and salted with MD5, an obsolete method that is now too easy to decipher. In addition to passwords, email addresses, the site visited and a user’s IP information (which can be sometimes be used to determine location) are all listed in conjunction with the usernames that were compromised.

Lack of HTTPS encryption and the use of vulnerable older versions of the vBulletin forum software were other weaknesses in VerticalScope sites noted by ZDNet. So far, they note, the data has not appeared for sale on the dark web.

VerticalScope Vice President of Corporate Development Jerry Orban confirmed to ZDNet that they are investigating the breach:
We are aware of the possible issue and our internal security team has been investigating and will be collecting information to provide to the appropriate law enforcement agencies.
We believe that any potential breach is limited to usernames, user IDs, email addresses, and encrypted passwords of our users. In addition, we are reviewing our security policies and practices and in response to increased Internet awareness of security-related incidents, including potential incidents on our communities, we are implementing security changes related to our forum password strength and password expiration policies across certain forum communities.
In addition to numerous car forums, Toronto-based VerticalScope hosts sites on many other topics, including pets and home improvement. Even if you’ve resisted the urge to tell everyone on CadillacOwners that your brougham is the best brougham, you should probably check your other frequently visited sites anyway. A full list of VerticalScope’s properties can be found here.

If you’d rather search for your particular username or other identifying data, LeakedSource now includes all of the hacked information from the VerticalScope network.

No Data Is Truly Safe Forever



That is from here, http://jalopnik.com/45-million-accou...r-f-1782030203 __________________

I hate shoveling SNOW!
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

***********************
Craftsman #536886141(Around 2000?)
5 Horse, Tecumseh HSSK50-67392S
22" Dual Stage
***********************
"Classic" 1963 S-226 Snowbird
4 Horse (orig) Briggs & Stratton#6305201
22" Dual Stage
***********************
Big Ed is offline  
post #4 of 22 Old 06-25-2016, 09:26 AM
Super Moderator
 
Kiss4aFrog's Avatar
 
Join Date: Nov 2013
Location: Hudson, WI
Posts: 9,137
Post Thanks / Like
Thanks (Given): 510
Thanks (Received): 681
Likes (Given): 3844
Likes (Received): 1478
Garage
Oh NO !! You've been breached. Wait a minute, so have I !!!

.
Make sure the windows are up before the snow plow goes by !!

Please help keep the lights on by subscribing:
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Kiss4aFrog is online now  
post #5 of 22 Old 06-25-2016, 09:42 AM
Senior Member
 
Big Ed's Avatar
 
Join Date: Feb 2013
Location: New Jersey
Posts: 1,000
Post Thanks / Like
Thanks (Given): 10
Thanks (Received): 18
Likes (Given): 9
Likes (Received): 54
Garage
Other sites I am on that are run by them implemented password changes last week.
I logged on here last week and wondered why I didn't have to change it here.

Now today I got the email with the new password.

From feedback on other sites VerticalScope has their hands full taking care of problems that this change has caused.

Note, if some have changed their email address since joining here they won't get an email notifying them of this.

Also expect a lot of bad feedback from members who don't like the ideal of having a new password.

The changing of the password really effects those (if there are any) who use the same password for multiple sites. Which is not the brightest thing to do today.
It is OK for sites like this, but if you use the same password for banks, 401k's, (important stuff). You risk being hacked.

It is a little inconvenience but you are safer with different passwords.

One other note I have been communicating with employees of VerticlScope, and they say this change might be made mandatory every year.

I hate shoveling SNOW!
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

***********************
Craftsman #536886141(Around 2000?)
5 Horse, Tecumseh HSSK50-67392S
22" Dual Stage
***********************
"Classic" 1963 S-226 Snowbird
4 Horse (orig) Briggs & Stratton#6305201
22" Dual Stage
***********************
Big Ed is offline  
post #6 of 22 Old 06-25-2016, 09:46 AM
Senior Member
 
Big Ed's Avatar
 
Join Date: Feb 2013
Location: New Jersey
Posts: 1,000
Post Thanks / Like
Thanks (Given): 10
Thanks (Received): 18
Likes (Given): 9
Likes (Received): 54
Garage
Like I said, HACKERS OUGHT TO BE SHOT! Or locked away for life!

Use a password manger?
Another copy and paste, (2015 big ones you may not have heard of.)

Do a google of the hacking.
Blue Cross blue shield, Home Depot, target, etc (TOO MANY TO LIST!)


4.8 million caught up in VTech's weak security

You can put money on it being a bad hack when kids are named as victims. The toymaker suffered a major breach in late November, with hackers taking 4.8 million records, as well as a database of first names, genders and birthdays of more than 200,000 kids.


SECURUS,
70 million prison phone records handed to reporters

November: The big scandal when an anonymous hacker stole about 70 million phone calls from inmates in US prisons wasn't the hack itself, it was the suggestion that attorney - client privilege may have been violated on a regular basis. Millions of call logs and thousands of call recordings were taken in the breach. Securus provides landline phones and equipments to prisons, and generates high profits by charging the inmates themselves -- so much so, the FCC has taken action against the firm.

If you have a G mail, Hotmail or Yahoo email account, you may want to update your password.



Thousands of arrestees' data at risk after FBI's portal breached

November: The same hackers who were able to get access to CIA director John Brennan's private email account and also got access to a law enforcement portal used by police and federal agents to share intelligence, and book arrested suspects. It's not clear how many records were in the system -- the FBI declined to comment --

Donald Trump's hotel chain hack hit thousands of hotel visitors


Patreon hack led to 15GB data dump


Experian breach hit 15 million T-Mobile customers



Scottrade hack: Details on 4.6 million customers stolen

Almost every American has been affected by at least one data breach this year.



Ashley Madison ensnares 37 million cheaters


10 million hit by Excellus BlueCross BlueShield hack


Carphone Warehouse tops UK breach list with 2.4 million affected


Millions hit by CVS, Walgreens, credit card breach


UCLA Health failed to encrypt 4.5 million records


Hacking Team exploits put hundreds of millions of Flash users at risk
More than 22 million government workers now vulnerable to blackmail

PASSWORD MANAGERS? SAFE....RIGHT.

LastPass customers at risk after millions of passwords accessed

June 2015: Almost any security expert will say using a password manager makes you safer. What happens when your password manager is hit by a hack?




IRS data breach led to hackers taking tax returns


Anthem breach affected one-third of Americans

February: If your healthcare provider can't keep your data safe, who can you trust? Anthem, a US health insurance firm, lost more than 80 million customer records when it was hacked at the start of this year, along with around 19 million rejected customers.

June:
The big finale is the OPM breach, which affected 22.1 million (and counting). It could be the single most damaging breach to US national security of all time.



Now VerticalScope. 45 million!

I hate shoveling SNOW!
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

***********************
Craftsman #536886141(Around 2000?)
5 Horse, Tecumseh HSSK50-67392S
22" Dual Stage
***********************
"Classic" 1963 S-226 Snowbird
4 Horse (orig) Briggs & Stratton#6305201
22" Dual Stage
***********************
Big Ed is offline  
post #7 of 22 Old 06-25-2016, 11:28 AM
Banned
 
Join Date: Sep 2010
Location: Michigan
Posts: 1,585
Post Thanks / Like
Thanks (Given): 3
Thanks (Received): 158
Likes (Given): 95
Likes (Received): 302
Anybody know how to get back in lawnmowerforum? They sent me an email with new password and it doesn't work. Old one doesn't either.
jtclays is offline  
post #8 of 22 Old 06-25-2016, 07:57 PM Thread Starter
Senior Member
 
micah68kj's Avatar
 
Join Date: Oct 2011
Location: S. C. Pa. 39.755928, -77.577766
Posts: 4,882
Post Thanks / Like
Thanks (Given): 139
Thanks (Received): 269
Likes (Given): 371
Likes (Received): 912
Quote:
Originally Posted by jtclays View Post
Anybody know how to get back in lawnmowerforum? They sent me an email with new password and it doesn't work. Old one doesn't either.
I know I'm probably preaching to the choir jt but be very careful when entering it. The new ones seem to be case sensitive.

Joe

Sent from my junky old Hisense 7" tablet that I can barely see.
Toro 724
Toro CCR 3650E
Toro 5/21 sold
Ariens 5/22 ss ..Sold
Ariens Sno Tek 7/24 sold.
Old green plastic snow shovel... Sent.to shovel Heaven
Old quarry shovel for ice.
New.green shovel
micah68kj is offline  
post #9 of 22 Old 06-25-2016, 08:24 PM
Super Moderator
 
sscotsman's Avatar
 
Join Date: Dec 2010
Location: Western NY, USA
Posts: 3,661
Post Thanks / Like
Thanks (Given): 61
Thanks (Received): 336
Likes (Given): 148
Likes (Received): 763
Don't type it by hand, just copy and paste it from the email.
Scot


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
sscotsman is online now  
post #10 of 22 Old 06-26-2016, 09:54 AM
Senior Member
 
Join Date: Mar 2015
Location: Just south of Boston, Massachusetts
Posts: 131
Post Thanks / Like
Thanks (Given): 25
Thanks (Received): 6
Likes (Given): 32
Likes (Received): 13
I'm sorry, but I'm sick of being blamed/punished for things that are not my fault.
Quote:
In the case of over 40 million of the leaked records, however, passwords were stored only using MD5 with salting, which is by no means enough to keep them secure.
45 Million Potentially Impacted by VerticalScope Hack | SecurityWeek.Com

PS: Maybe this thread should be moved (and title changed) to the Site News and Feedback Forum so more people can see it ?
chargin is offline  
Sponsored Links
Advertisement
 
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the Snowblower Forum : Snow Blower Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in










Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome