While performing checks of our new security systems in place we discovered some evidence that during last weeks breach there is a possibility the MySQL user table was dumped. This contains user passwords and salts, which technically makes it possible for someone to extract user passwords from the data.
As a result we have taken the step of resetting the password for all users. We also strongly recommend that if you use the same password on any other site, you also change it there.
During the intrusion last week we discovered a few members may have downloaded insecure files - they were notified personally at the time. We also found evidence during this check that infected files may have been pushed to a small number (4) users more recently in the short period of time between our new security systems picking up an issue and it being resolved. They have been informed personally via PM and email - if you did not receive a PM or email from us you did not download an infected file. Our security system has also been upgraded to prevent this in future.
Members of our team have gone through every file on the site and performed a thorough security check, including adding several more security measures and performing live security tests with the tools and methods we suspect were used during the intrusion.
We apologise for any inconvenience this may cause and wish to assure you that every step possible is being taken to ensure DragonByte-Tech.com is as secure as possible.
Discuss this news here.
As a result we have taken the step of resetting the password for all users. We also strongly recommend that if you use the same password on any other site, you also change it there.
During the intrusion last week we discovered a few members may have downloaded insecure files - they were notified personally at the time. We also found evidence during this check that infected files may have been pushed to a small number (4) users more recently in the short period of time between our new security systems picking up an issue and it being resolved. They have been informed personally via PM and email - if you did not receive a PM or email from us you did not download an infected file. Our security system has also been upgraded to prevent this in future.
Members of our team have gone through every file on the site and performed a thorough security check, including adding several more security measures and performing live security tests with the tools and methods we suspect were used during the intrusion.
We apologise for any inconvenience this may cause and wish to assure you that every step possible is being taken to ensure DragonByte-Tech.com is as secure as possible.
Discuss this news here.
