Public Announcement

User avatar
aRt)Y
Staff Department
Posts: 12727
Joined: Fri May 03, 2013 9:15 pm
Location: Clan StiD @ Europe
Has thanked: 7 times
Been thanked: 157 times
Contact:

Public Announcement

Postby aRt)Y » Sat Mar 04, 2017 4:34 pm

Update 2

Dear ENT community,

on Saturday, March, 4th, at roughly 2:30 pm UTC+1, someone hacked one of our staff member's (not the Staff Dept.) forum account. The attacker then logged into the forum's Administrative Control Panel (ACP) and overwrote one of the Staff Department's member's password. He then continued to alter the website's settings and forum structure via that access. You may have noticed the e-mail sent, unfortunately, in ENT's name and the bots' chat messages, too.

At 3 pm, I was notified of the breach. Being rather surprised by the situation and trying to figure out what happened, things didn't look good. Half an hour later, I contacted uakf.b informing him about the breach and we have taken measures to counter the "hack" (which, in fact, was probably just a mere brute-force of a forum user's password; how exactly he got the user's password is unknown to us though).

The website was taken offline, the latest forum backup was restored (from January) and the bot files were restored, too. At 5:15 pm the restoration was done. The forum and staff structure, topics and posts will look like in January. Please give the staff a few hours/days to administrate the forum. Thanks.

To summarize: At no point were the users' passwords in danger. To ensure your password can not be "guessed" via brute-force or other phishing techniques, ensure to use strong, unique passwords and if possible a two factor authentication. However, due to the backup, your password has been restored to the one you used in January. So, if you changed your password in the last two months, use your old one. Plus, don't be surprised about the old topics, we will have to move them.

I sincerely apologize for the inconvenience.
    Information, Rules, Guides and everything else you need to know about ENT is on the ENT Wiki.
    ENT is also on Google+ and Twitter to provide real-time information and updates.
    Ignorantia juris non excusat • Quis custodiet ipsos custodes? • Fallacy of composition

User avatar
aRt)Y
Staff Department
Posts: 12727
Joined: Fri May 03, 2013 9:15 pm
Location: Clan StiD @ Europe
Has thanked: 7 times
Been thanked: 157 times
Contact:

(Update 1) Public Announcement

Postby aRt)Y » Sat Mar 04, 2017 4:48 pm

Additionally, all technical support requests, ban appeals and suggestions have been moved to their processed section.
If you are still banned, had a donation or tech request or an interesting suggestion, please re-post.

As for the ban requests, given we reduced the pages to 15 topics, I will move all ban requests to the processed section (given they've most likely been processed in the last two months), too. You may re-post your ban request, though.

Furthermore, all accounts created in the last two months do no longer exist. Please register again. Thanks.
    Information, Rules, Guides and everything else you need to know about ENT is on the ENT Wiki.
    ENT is also on Google+ and Twitter to provide real-time information and updates.
    Ignorantia juris non excusat • Quis custodiet ipsos custodes? • Fallacy of composition

User avatar
aRt)Y
Staff Department
Posts: 12727
Joined: Fri May 03, 2013 9:15 pm
Location: Clan StiD @ Europe
Has thanked: 7 times
Been thanked: 157 times
Contact:

(Update 2) Public Announcement

Postby aRt)Y » Sat Mar 04, 2017 7:18 pm

To clarify, as far as we know, the unlawful access was not carried out by a staff member but a community member(s).
The website remains safe but the problem with weak passwords is that anyone can guess them. Hence, as mentioned above, choose proper passwords (see original post for more information). (If you do wonder about how phpbb stores passwords by default, read here.)

The staff members' passwords have all been reset and access to ACP has been restricted. The accounts with permissions to alter the site in such way have been further secured.

As for the past announcements, the original topics are gone. We do, however, have cached ones. Two most important two:
Any old topic (e.g. ban request and ban appeals) can be accessed via the same way (just replace TID with the topic number):

Code: Select all

https://webcache.googleusercontent.com/search?q=cache:entgaming.net/forum/viewtopic.php?t=TID

As you might have noticed, most of the past changes have been re-added by now. If there's something still not working properly, please let me know.

Please note, if your re-activation e-mail or registration e-mail has not arrived by now, please wait a few more minutes/hour(s). If you did not receive one after the next 24 hours, e-mail entgamingmedia(at)gmail.com with your forum account. Thanks!

Lastly, while the ban requests and ban appeals of the past weeks are gone, too (see google cache though), our database was not affected. That means all the (un)bans have been enforced and remain as such.

Again, I am sorry things are going rather bad lately but let's all hope the next couple of months will be a bit better for ENT... :'(

Edit: The replays link to the clanent domain at the moment. To navigate to the stats page, please replace "clanent" with "entgaming", thanks.
    Information, Rules, Guides and everything else you need to know about ENT is on the ENT Wiki.
    ENT is also on Google+ and Twitter to provide real-time information and updates.
    Ignorantia juris non excusat • Quis custodiet ipsos custodes? • Fallacy of composition


Return to “Archive”

Who is online

Users browsing this forum: No registered users and 0 guests