When idiots attack!

Posted by: admin 5 years, 10 months ago

On 2013-06-23, 21:36:37 (local time) there was a dev forum account breach that occurred which resulted the server being compromised, which in turn made our server attack yet another site.

We are taking this breach very seriously, and it took us a while while we tried to salvage what we could.
Because of the nature of the compromise it was deemed that the server could not be trusted any longer, so we immediately took down the forums which was the attack vector the intruder used to compromise the site.
We have backed up as much of the site as we could, so, hopefully no data will have been lost.

We are currently mandating password resets.
If you are using the same password on other sites, change them as well, and *stop using the same passwords across multiple sites*!

Unfortunately, critical user data may have been compromised.
This means that everyone's e-mail address may have been stolen as well.  If you get any suspicious mails that pretend to be from us, please PM the Staff account with details.

Now, you may be asking just how did we get compromised in the first place ?
It all boils down to, one of our old devs used the same account password for multiple sites.
This in turn allowed the attacker to run php code via the forums to insert a backdoor/shell into our system.

If you wish to know more about the attack, you may read http://pokemonshowdown.com/news/june2013attack and see what it was all about.

It is extremely disappointing that we were never notified about the initial breach on the pokemonshowdown site that occurred on the 19th, since the same individual's account was the same one that made a mess of things for us as well.