[phpBB News] Welcome back, ladies and gentlemen

**Industry News** · 02-10-2009, 11:35 PM

Welcome back, ladies and gentlemen <img src="http://www.phpbb.com/community/images/smilies/icon_e_biggrin.gif" alt=":D" title="Very Happy" /> As you probably know, we were attacked for unknown reasons by an individual using an exploit against our PHPList installation within hours of the exploit being publicly posted on a well-known exploit site. Facilitated by mistakes and - in retrospect mistaken - performance considerations in our server setup, the attacker was able to steal all email addresses from our mailing list, as well as the password hashes from this board's database. In a reckless act of showmanship, he later posted all this information on a blog. We urge all our community members to change their passwords as soon as possible. If you have used the same password on any other site, then we strongly recommend changing it there as well. The public disclosure of private data is an unspeakable attack against all of our users. We cannot comprehend the attacker's motives. The phpBB teams are entirely composed of volunteers working on an honour basis to provide the web with a scalable, secure and user-friendly free forum software. We are not, however, so easily cowed. More so than ever, we are here to create communities with and for our users. We are greatly pleased to once more provide support in the environment we all love so much. In the past ten days, countless hours have been spent by team members and helpers to restore and sanitise the website and the database. We especially want to thank OSUOSL for providing us with a temporary server for the remainder of the investigation. We welcome everyone to show our community's appreciation by sending them a donation. <a href="http://osuosl.org/donate" class="postlink"><img src="http://osuosl.org/sites/osuosl.org/themes/zen/osuosl/img/donate_180_off.png" alt="Image" /></a> We are deeply sorry about the unavailability of the collected resources of phpbb.com and the damage caused. We hope that the improvised support on area51 was enough to keep you all afloat. Let's, once more, make this community the lively place of support, development and discussion it has been for so many years. The phpBB Teams You can discuss this topic here: <a class="postlink-local" href="http://www.phpbb.com/community/viewtopic.php?f=6&t=1436625">viewtopic.php?f=6&t=1 436625</a>

More...

**Jolteon** · 02-11-2009, 04:35 AM

Converted from HTML into readable stuff

Welcome back, ladies and gentlemen

As you probably know, we were attacked for unknown reasons by an individual using an exploit against our PHPList installation within hours of the exploit being publicly posted on a well-known exploit site. Facilitated by mistakes and - in retrospect mistaken - performance considerations in our server setup, the attacker was able to steal all email addresses from our mailing list, as well as the password hashes from this board's database. In a reckless act of showmanship, he later posted all this information on a blog.

We urge all our community members to change their passwords as soon as possible. If you have used the same password on any other site, then we strongly recommend changing it there as well.

The public disclosure of private data is an unspeakable attack against all of our users. We cannot comprehend the attacker's motives. The phpBB teams are entirely composed of volunteers working on an honour basis to provide the web with a scalable, secure and user-friendly free forum software. We are not, however, so easily cowed. More so than ever, we are here to create communities with and for our users.

We are greatly pleased to once more provide support in the environment we all love so much. In the past ten days, countless hours have been spent by team members and helpers to restore and sanitise the website and the database. We especially want to thank OSUOSL for providing us with a temporary server for the remainder of the investigation. We welcome everyone to show our community's appreciation by sending them a donation.

We are deeply sorry about the unavailability of the collected resources of phpbb.com and the damage caused. We hope that the improvised support on area51 was enough to keep you all afloat. Let's, once more, make this community the lively place of support, development and discussion it has been for so many years.

Please note that the search is currently unavailable. It will be enabled in the following days.

The phpBB Teams

You can discuss this topic here: viewtopic.php?f=6&t=1 436625

**theezy** · 02-11-2009, 08:49 AM

Awesome.. It was down for ever it seemed like.

02-10-2009, 11:35 PM	#1
Industry News Forum Guru Join Date: Sep 2005 Posts: 8,309	[phpBB News] Welcome back, ladies and gentlemen Welcome back, ladies and gentlemen <img src="http://www.phpbb.com/community/images/smilies/icon_e_biggrin.gif" alt=":D" title="Very Happy" /><br /><br />As you probably know, we were attacked for unknown reasons by an individual using an exploit against our PHPList installation within hours of the exploit being publicly posted on a well-known exploit site. Facilitated by mistakes and - in retrospect mistaken - performance considerations in our server setup, the attacker was able to steal all email addresses from our mailing list, as well as the password hashes from this board's database. In a reckless act of showmanship, he later posted all this information on a blog. <br /><br /><span style="font-weight: bold">We urge all our community members to change their passwords as soon as possible. If you have used the same password on any other site, then we strongly recommend changing it there as well.</span> <br /><br />The public disclosure of private data is an unspeakable attack against all of our users. We cannot comprehend the attacker's motives. The phpBB teams are entirely composed of volunteers working on an honour basis to provide the web with a scalable, secure and user-friendly free forum software. We are not, however, so easily cowed. More so than ever, we are here to create communities with and for our users.<br /><br />We are greatly pleased to once more provide support in the environment we all love so much. In the past ten days, countless hours have been spent by team members and helpers to restore and sanitise the website and the database. We especially want to thank OSUOSL for providing us with a temporary server for the remainder of the investigation. We welcome everyone to show our community's appreciation by sending them a donation.<br /><br /><a href="http://osuosl.org/donate" class="postlink"><img src="http://osuosl.org/sites/osuosl.org/themes/zen/osuosl/img/donate_180_off.png" alt="Image" /></a><br /><br />We are deeply sorry about the unavailability of the collected resources of phpbb.com and the damage caused. We hope that the improvised support on area51 was enough to keep you all afloat. Let's, once more, make this community the lively place of support, development and discussion it has been for so many years.<br /><br />The phpBB Teams<br /><br />You can discuss this topic here: <!-- l --><a class="postlink-local" href="http://www.phpbb.com/community/viewtopic.php?f=6&t=1436625">viewtopic.php?f=6&t=1 436625</a><!-- l --> More...

02-11-2009, 04:35 AM	#2
Jolteon Forum Junkie Join Date: Feb 2006 Location: Holmfirth, England Posts: 3,699	Converted from HTML into readable stuff Welcome back, ladies and gentlemen As you probably know, we were attacked for unknown reasons by an individual using an exploit against our PHPList installation within hours of the exploit being publicly posted on a well-known exploit site. Facilitated by mistakes and - in retrospect mistaken - performance considerations in our server setup, the attacker was able to steal all email addresses from our mailing list, as well as the password hashes from this board's database. In a reckless act of showmanship, he later posted all this information on a blog. We urge all our community members to change their passwords as soon as possible. If you have used the same password on any other site, then we strongly recommend changing it there as well. The public disclosure of private data is an unspeakable attack against all of our users. We cannot comprehend the attacker's motives. The phpBB teams are entirely composed of volunteers working on an honour basis to provide the web with a scalable, secure and user-friendly free forum software. We are not, however, so easily cowed. More so than ever, we are here to create communities with and for our users. We are greatly pleased to once more provide support in the environment we all love so much. In the past ten days, countless hours have been spent by team members and helpers to restore and sanitise the website and the database. We especially want to thank OSUOSL for providing us with a temporary server for the remainder of the investigation. We welcome everyone to show our community's appreciation by sending them a donation. We are deeply sorry about the unavailability of the collected resources of phpbb.com and the damage caused. We hope that the improvised support on area51 was enough to keep you all afloat. Let's, once more, make this community the lively place of support, development and discussion it has been for so many years. Please note that the search is currently unavailable. It will be enabled in the following days. The phpBB Teams You can discuss this topic here: viewtopic.php?f=6&t=1 436625 __________________ Ack, no currently active projects To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

02-11-2009, 08:49 AM	#3
theezy Groupie Join Date: Feb 2009 Location: California Posts: 48	Awesome.. It was down for ever it seemed like. __________________ *To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.* - Promote! Get Results!

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)