Changing Password
- by Penguin
- 2024-04-27 06:03:18
- General Posting
- 400 views
- 9 comments
I've very recently had to delete part of one of my posts on Good Dog's recent thread. This was to remove words / sentences / changes that I did not write or make. Somebody had accessed my account.
I decided to change my password immediately and could not do so, because the system wouldn't allow it.
Clearly, this means that we cannot use our usual means of deterring hackers on this site.
I have written to the administrators / owners and will report back on this thread when I receive an answer. In the meantime, I thought that the rest of you should be aware of this security breach.
9 Comments
Security of this site
by Gemita - 2024-04-27 13:03:52
Dear Penguin, I am sorry you feel there has been a security breach and that your comments on Good Dog’s post were changed in some way. I do not know how this could possibly have happened and I hope you will hear from Admin promptly with some reassurance that your account is secure and offering a helping hand with a password change.
Moving forward, I hope Admin is able to consider a security package to upgrade the Club at the earliest opportunity, to help restore confidence.
Please continue to post Penguin. We would miss your valuable contributions
Password change
by atiras - 2024-04-27 16:12:13
The password change problem isnt only affecting Penguin. I just tried it and the site errored.
Concerned
by Penguin - 2024-04-28 04:18:56
Thank you for confirming that Atiras - I had heard the same from someone else.
The security of this site is of concern now. In answer to 'how it may have happened', I brought to the moderators' attention 'spools of data' including passwords which are sometimes generated when a members account details are clicked on. So far these have been accounts which members have terminated, but perhaps this is no longer the case?
Let us not share sensitive information
by Gemita - 2024-04-28 05:53:17
For obvious reasons, it would be safer to wait to hear from Admin “privately” rather than to continue to “openly” discuss sensitive security issues here in this thread.
I will drop a line privately to Admin myself now. In the meantime, let us not add further sensitive information to this thread since it may do more harm than good. Thank you
No Answer from Admin
by Penguin - 2024-04-28 06:30:46
I've not heard from Admin Gemita. I emailed them yesterday and this is enough time to respond if they are serious about any member's data security.
This is unacceptable.
I understand
by Gemita - 2024-04-28 06:47:44
Penguin, I have now sent a message too, to a private email address and hope to receive a response by tomorrow. Try to remain calm and take good care of yourself, that is what really matters here.
Had a response
by atiras - 2024-04-29 12:43:13
"Thank you for reaching out. We are working on this issue- I do apologize for the inconvenience. The system is being updated as best as we can. I thank you for your patience as we work through the issues. Please note that a completely updated site is also in progress and will be state of the art once completed. Thank you again."
Frankly, not good enough. Password change is a basic function... you have to do something pretty incompetent to break it.
Same Response
by Penguin - 2024-04-29 15:31:45
I got the same Atiras and agree - you cannot allow an account to be accessed by a hacker and possibly acknowledge that the site has facilitated a members personal details to 'who knows who' and then refuse to find a way to protect them from those consequences.
This is really, really bad.
You know you're wired when...
Intel inside is your motto.
Member Quotes
I'm still running and feeling great.
Horrible 😳
by Lavender - 2024-04-27 09:48:43
There have been security glitches since the new owners got onboard. I honestly hope they get cracking on fixing it before we all jump ship for safer ports.