Moderators Statement on Security Breach

[afleitch]

STATEMENT FROM THE ATLAS FORUM MODERATION TEAM

Last week, many of you reported that people had tried to access your accounts on Atlas. Many of you received a ‘re-set’ e-mail. Many of these e-mails contained an I.P address identifying a proxy server.

Bacon King’s account was the source of the leaks from the Moderator’s Corner. Dave Leip was able to identify from code who had accessed the specific topics uploaded onto a blog that was linked offsite. Bacon King was suspended as a moderator pending investigation. The I.P address that Bacon King’s account last used revealed several matches. First of all, it was not an I.P linked to Bacon King, proving that his account was compromised. Secondly it was a similar I.P to the attempts to log onto other people’s accounts and thirdly, it’s usage was linked to that of a poster on Atlas Forum.

We have identified the account associated with the leaked I.P. The person owning that account has an account at another forum that shares many posters in common with Atlas Forum. It appears that information in common to Atlas Forum and this other forum, such as username and password was used to breach basic security protections on the Atlas Forum. That breach then resulted in attempts to change the password of a number of users and caused the messages some of you received.

Security at user forums can be breached in ways unknown to the user. One of the simplest defences is to use different passwords for each forum you participate in.

If you use the same password at another forum, especially with the same username, we strongly recommend that you change your password at the Atlas Forum

Thank you.

[Antonio the Sixth]

If the culprit has an account on this forum, why aren't you denouncing him publicly? Presumably he will also be swiftly banned.

[afleitch]

If the culprit has an account on this forum, why aren't you denouncing him publicly? Presumably he will also be swiftly banned.

There is likely to be more information soon. We gave this update primarily to focus on the need for people to double down on their security but also to give you an indication as to why we got to where we are now.

[Bacon King]

I want to add that it's also very important to use a strong security question for your account. While I was resetting my passwords and everything, I realized that my security question could be easily answered by anyone with access to my facebook page. This can be another major vulnerability in your account security- make sure it is a question that only you know the answer to, that someone else wouldn't be able to find through google or facebook.

[SATW]

crazy stuff! I hope everything returns to normalcy soon

[Sprouts Farmers Market ✘]

Interesting...
How did someone as bland as Classic conservative get caught up in this? His account was hacked as well.
Scary stuff.

[Panda Express]

STATEMENT FROM THE ATLAS FORUM MODERATION TEAM

Last week, many of you reported that people had tried to access your accounts on Atlas. Many of you received a ‘re-set’ e-mail. Many of these e-mails contained an I.P address identifying a proxy server.

Bacon King’s account was the source of the leaks from the Moderator’s Corner. Dave Leip was able to identify from code who had accessed the specific topics uploaded onto a blog that was linked offsite. Bacon King was suspended as a moderator pending investigation. The I.P address that Bacon King’s account last used revealed several matches. First of all, it was not an I.P linked to Bacon King, proving that his account was compromised. Secondly it was a similar I.P to the attempts to log onto other people’s accounts and thirdly, it’s usage was linked to that of a poster on Atlas Forum.

We have identified the account associated with the leaked I.P. The person owning that account has an account at another forum that shares many posters in common with Atlas Forum. It appears that information in common to Atlas Forum and this other forum, such as username and password was used to breach basic security protections on the Atlas Forum. That breach then resulted in attempts to change the password of a number of users and caused the messages some of you received.

Security at user forums can be breached in ways unknown to the user. One of the simplest defences is to use different passwords for each forum you participate in.

If you use the same password at another forum, especially with the same username, we strongly recommend that you change your password at the Atlas Forum

Thank you.

You can just say Dark Atlas or AAD. No need to make this more confusing.

Also, most people know this but for the few without AAD accounts, the "specific topics" vaguely referenced in this moderator statement that were uploaded onto the blogs were in fact topics from the Mod board itself. 50+ topics from the Mod board over the years were available to all of us.

[dead0man]

Those ADD guys are always so classy, this must be a mistake!

[/]

This is scary.

[Badger]

STATEMENT FROM THE ATLAS FORUM MODERATION TEAM

Last week, many of you reported that people had tried to access your accounts on Atlas. Many of you received a ‘re-set’ e-mail. Many of these e-mails contained an I.P address identifying a proxy server.

Bacon King’s account was the source of the leaks from the Moderator’s Corner. Dave Leip was able to identify from code who had accessed the specific topics uploaded onto a blog that was linked offsite. Bacon King was suspended as a moderator pending investigation. The I.P address that Bacon King’s account last used revealed several matches. First of all, it was not an I.P linked to Bacon King, proving that his account was compromised. Secondly it was a similar I.P to the attempts to log onto other people’s accounts and thirdly, it’s usage was linked to that of a poster on Atlas Forum.

We have identified the account associated with the leaked I.P. The person owning that account has an account at another forum that shares many posters in common with Atlas Forum. It appears that information in common to Atlas Forum and this other forum, such as username and password was used to breach basic security protections on the Atlas Forum. That breach then resulted in attempts to change the password of a number of users and caused the messages some of you received.

Security at user forums can be breached in ways unknown to the user. One of the simplest defences is to use different passwords for each forum you participate in.

If you use the same password at another forum, especially with the same username, we strongly recommend that you change your password at the Atlas Forum

Thank you.

You can just say Dark Atlas or AAD. No need to make this more confusing.

Also, most people know this but for the few without AAD accounts, the "specific topics" vaguely referenced in this moderator statement that were uploaded onto the blogs were in fact topics from the Mod board itself. 50+ topics from the Mod board over the years were available to all of us.

Agree, ftr, but didn't get the chance to offer my 2 cents in the mod cave this morning as intended due to time pressure at work.

[they don't love you like i love you]

Those ADD guys are always so classy, this must be a mistake!

Who are the "AAD guys" (typo corrected)? If you mean everyone who posts on AAD, that includes several moderators, including the one who posted that thread and the one with the account compromised.

If you're implying that anyone on AAD or involved in administrating it requested it, then you're completely wrong. A poster appeared on AAD with links showing the obtained info from the mod board who had never posted prior to this. The AAD administrator actually edited out the links, which I'll point out is a HUGE deal since moderation virtually never happens on AAD, I can count the number of posts modded on one hand. The leaker has not divulged their identity on AAD either.

Also I'll note that the admin of AAD is not a current Atlas poster, never has been a poster, has stated he never wishes to ever post here, and has shown no interest in internal Atlas drama. AAD is his only priority.

[HagridOfTheDeep]

Those ADD guys are always so classy, this must be a mistake!

Who are the "AAD guys" (typo corrected)? If you mean everyone who posts on AAD, that includes several moderators, including the one who posted that thread and the one with the account compromised.

If you're implying that anyone on AAD or involved in administrating it requested it, then you're completely wrong. A poster appeared on AAD with links showing the obtained info from the mod board who had never posted prior to this. The AAD administrator actually edited out the links, which I'll point out is a HUGE deal since moderation virtually never happens on AAD, I can count the number of posts modded on one hand. The leaker has not divulged their identity on AAD either.

Also I'll note that the admin of AAD is not a current Atlas poster, never has been a poster, has stated he never wishes to ever post here, and has shown no interest in internal Atlas drama. AAD is his only priority.

That's not true. The Hot Guys thread was basically obliterated. Which is why I hardly go, except to watch Libertas keep flying further and further off the rails.

[Joe Republic]

Also I'll note that the admin of AAD is not a current Atlas poster, never has been a poster, has stated he never wishes to ever post here, and has shown no interest in internal Atlas drama. AAD is his only priority.

AAD has two admins.

[Türkisblau]

Also I'll note that the admin of AAD is not a current Atlas poster, never has been a poster, has stated he never wishes to ever post here, and has shown no interest in internal Atlas drama. AAD is his only priority.

AAD has two admins.

So you're claiming that the culprit is HockeyDude? Really?

[Sprouts Farmers Market ✘]

Also I'll note that the admin of AAD is not a current Atlas poster, never has been a poster, has stated he never wishes to ever post here, and has shown no interest in internal Atlas drama. AAD is his only priority.

AAD has two admins.

So you're claiming that the culprit is HockeyDude? Really?

It's obvious what the first post was inferring. I repeat - classic conservative AND Jonathan Swift do not have AAD accounts. That incident was traced to Paris for which we still have no explanation.

Additionally, I'd say whoever perpetrated these events would have to be really dumb not to do so at their library or a public computer. I guess people can be dumb, but I hope not that dumb.

Perhaps the mod team should set up a free forum and see for themselves whether passwords can be seen. Silly to interrogate an accomplice who has no reason to help you. I'd be surprised if that was an available function so you may need to bring back your old tech specialist mod to do some snooping.

[Ban my account ffs!]

So which accounts were hacked?

Oh this is all top secret among the upper echelons.

[Joe Republic]

So which accounts were hacked?

AFAWK just Bacon King.

[🦀🎂🦀🎂]

It's probably Francois Hollande, angry about his subpar approval rating the last time he was polled on individual politics.

[Torie]

So which accounts were hacked?

AFAWK just Bacon King.

Mine as well, even though I don't know if it was the same guy.

Tried to hack your account, or did hack you account? 

[Mr. Morden]

So which accounts were hacked?

AFAWK just Bacon King.

Mine as well, even though I don't know if it was the same guy.

Tried to hack your account, or did hack you account?  

Did hack it. Let me be clear that I'm not 100% certain that it was hacked but it wasn't me who removed all my buddies from the buddy center, so there is no other plausible explanation (unless a mod did this, which I don't think is even possible). And recently that Paris guy tried as well. It was my fault, my security question was beyond idiotic. Anyway, I fixed it.

You may have mentioned this before, but can you PM me a reminder of when you noticed that your buddies center had been cleared out?

[Panda Express]

Those ADD guys are always so classy, this must be a mistake!

wow you were completely right. kudos to you.

[The Other Castro]

I just received two more "forgot password" notifications in case that's relevant info.