ACParadise Hacked?
Posted: Wed Aug 31, 2016 4:19 pm
I didn't see this mentioned or reported anywhere, but ACParadise has been hacked.
I discovered this by going to https://haveibeenpwned.com/ and entering my e-mail address. It searches hacked site records that have been posted to tell you if you've been hacked. I entered my e-mail and got just one result:
Acparadise.com_2016_55k_phpbb.csv
It has a link to a public copy of ACParadise's forum user database. (No idea how old it is, but from the filename I'd guess it's sometime in 2016.)
If you use the same password anywhere that you also use on ACParadise, change it! Change it on ACParadise's forums too...but that only prevents future logins there, not anywhere else you used that e-mail and password. (Different passwords everywhere! LastPass FTW!)
Admins, I hope you already knew about this and have patched phpBB so the security hole was fixed. You should probably notify people that they need to change their passwords. (I saw no such notification here.)
I discovered this by going to https://haveibeenpwned.com/ and entering my e-mail address. It searches hacked site records that have been posted to tell you if you've been hacked. I entered my e-mail and got just one result:
Acparadise.com_2016_55k_phpbb.csv
It has a link to a public copy of ACParadise's forum user database. (No idea how old it is, but from the filename I'd guess it's sometime in 2016.)
If you use the same password anywhere that you also use on ACParadise, change it! Change it on ACParadise's forums too...but that only prevents future logins there, not anywhere else you used that e-mail and password. (Different passwords everywhere! LastPass FTW!)
Admins, I hope you already knew about this and have patched phpBB so the security hole was fixed. You should probably notify people that they need to change their passwords. (I saw no such notification here.)