# Site Password Reset



## Jeremy (Feb 25, 2018)

As you may have noticed yesterday, the forum was down in the morning and then again later that night. This was due to an attack on the site. Our investigation indicates that the attacker may have accessed user information, including encrypted passwords. As a precaution, we have triggered a password reset for all users. We apologize for any inconvenience this will cause, but felt it was an appropriate action to protect your account, as we take user security very seriously at TBT.  This incident appears to be unrelated to the site downtime that we experienced two weekends ago. Thank you for your patience over these last few weeks.


----------



## Alolan_Apples (Feb 25, 2018)

Why is someone trying to hack this site?


----------



## SensaiGallade (Feb 25, 2018)

I bet it was Starrywolf again


----------



## That Marshal Fangirl (Feb 25, 2018)

Wow, really?  This seems like an odd site to try and hack, but oh well.  If changing my password fixes all the issues we've been having lately then I'm all for it.


----------



## pidge (Feb 25, 2018)

I was about to ask about why it said my pass was 361 days old, but never mind that.

I hope you can resolve this issue without much hassle!! ♥


----------



## Alolan_Apples (Feb 25, 2018)

SensaiGallade said:


> I bet it was Starrywolf again



It could be someone else, someone as bad as the PSN hackers that caused the great PlayStation Network Outage of 2011.


----------



## dedenne (Feb 25, 2018)

Damn now I have to change the password I've used since I  was 5

But jesus


----------



## ZekkoXCX (Feb 25, 2018)

I thought i was getting hacked like ??? but hope this site is back to normal soon


----------



## Alolan_Apples (Feb 25, 2018)

Now you let us know about the password resets, can you fix the profile pages?


----------



## Antonio (Feb 25, 2018)

This is just a cover up for Jeremy hiding ufos.


----------



## dedenne (Feb 25, 2018)

Antonio said:


> This is just a cover up for Jeremy hiding ufos.



Sadly this time it's true

I mean the attack


----------



## Jeremy (Feb 25, 2018)

Some mentioned that user profiles aren't working. This is likely from when we were restoring the site last night, so we'll look into it.


----------



## Alolan_Apples (Feb 25, 2018)

What I'm worried about is if the hacker is targeting me.


----------



## Bcat (Feb 25, 2018)

I?m a little worried. Is there anything bad he can do if he has our email addresses?


----------



## PunchyTheCat (Feb 25, 2018)

Omg I was rlly worried for a second.


----------



## Keldi (Feb 25, 2018)

Anxiety mode activate
Anxiety Alert
Anxiety Alert
Cause of Anxiety: Potentially hacked site
Second cause of Anxiety: User could be hacked
Wee woo
Wee woo


----------



## ZekkoXCX (Feb 25, 2018)

yay night time


----------



## Antonio (Feb 25, 2018)

Dedenne2 said:


> Sadly this time it's true
> 
> I mean the attack



He was in it with Jeremy! Don't let them fool you.


----------



## pidge (Feb 25, 2018)

Where did the like button/ TBT count/ Collectables just run off to?? where'd they go lol.


----------



## Bcat (Feb 25, 2018)

pidge said:


> Where did the like button/ TBT count/ Collectables just run off to?? where'd they go lol.



Oh good it?s not just me


----------



## KAnaliseY (Feb 25, 2018)

I was so confused when that notification popped up lol
But yeah, my profile page is down too for some reason


----------



## cornimer (Feb 25, 2018)

Keldi said:


> Anxiety mode activate
> Anxiety Alert
> Anxiety Alert
> Cause of Anxiety: Potentially hacked site
> ...



I know nothing about hacking but there are almost 100 thousand users on this site so the chances of any one member being specifically targeted are veeeeery low


----------



## SensaiGallade (Feb 25, 2018)

Welcome to the Hell Tree Forums please enjoy your stay


----------



## Keldi (Feb 25, 2018)

Bcat said:


> I’m a little worried. Is there anything bad he can do if he has our email addresses?



This user's asking the real question. Can anything happen besides spam mail???


----------



## pidge (Feb 25, 2018)

Bcat said:


> Oh good it?s not just me



Nono, I was about to like a post and I was like

'...oh'

also I cant seem to change my font or font size OOF ok.


----------



## Keldi (Feb 25, 2018)

VanessaMay18 said:


> I know nothing about hacking but there are almost 100 thousand users on this site so the chances of any one member being specifically targeted are veeeeery low



Good point. Good point. (U v U)


----------



## pidge (Feb 25, 2018)

Although I am myself, somebody with severe anxiety disorder and I'm kind of brushing off my deep dark fears smh _but_ - do i have anything to actually be worried about?? Idk my anxiety over being hacked and stuff is like
ding ding itS ME AGAIN BABES


----------



## AccfSally (Feb 25, 2018)

I was like what, when I seen my password needed to be restarted.

Edit: wait, where's the spoilers, I had one on my signature.


----------



## Antonio (Feb 25, 2018)

pidge said:


> Where did the like button/ TBT count/ Collectables just run off to?? where'd they go lol.



The aliens are trying to escape, RUN!


----------



## Trundle (Feb 25, 2018)

pidge said:


> Although I am myself, somebody with severe anxiety disorder and I'm kind of brushing off my deep dark fears smh _but_ - do i have anything to actually be worried about?? Idk my anxiety over being hacked and stuff is like
> ding ding itS ME AGAIN BABES



You don't have anything to worry about, any information that could have been breached was encrypted, so it would take a very long time in order to grab the password, even if it mattered anymore. I would just change your password like Jer suggested.


----------



## pidge (Feb 25, 2018)

Trundle said:


> You don't have anything to worry about, any information that could have been breached was encrypted, so it would take a very long time in order to grab the password, even if it mattered anymore. I would just change your password like Jer suggested.



Tyty, I'm prone to thoughts way out of proportion lol
I was gonna put my bells in the ABD but iT GONE

shop where u goin


----------



## Keldi (Feb 25, 2018)

Trundle said:


> You don't have anything to worry about, any information that could have been breached was encrypted, so it would take a very long time in order to grab the password, even if it mattered anymore. I would just change your password like Jer suggested.



Ah! That's very reassuring! Thank you for pointing that out! I forgot what 'encrypted' meant when I first read the post (^_^)


----------



## Sweetley (Feb 25, 2018)

Bell Tree Forums without the TBT and collectibles feels kinda...weird.


----------



## Alienfish (Feb 25, 2018)

Alolan_Apples said:


> Why is someone trying to hack this site?



This.. I mean I know we got hell lotsa bots and spammer but tbh why even attack this :|


----------



## cornimer (Feb 25, 2018)

Collectibles are back and its day again but profiles are down again


----------



## Alolan_Apples (Feb 25, 2018)

VanessaMay18 said:


> Collectibles are back and its day again but profiles are down again



It might swing back and forth until the site is fully fixed.


----------



## Alienfish (Feb 25, 2018)

VanessaMay18 said:


> Collectibles are back and its day again but profiles are down again



yeah, .. weird if they are just messing up stuff tho :thinking:


----------



## Antonio (Feb 25, 2018)

Just a heads up, the hacker also had y'all emails which wasn't encrypted so if y'all shared similar password with the site and your email, change your email password. The hacker was also aware of the encryption used to encrypt (Stating something like md5) so he could still decrypt your password, so do change it. Not trying to scare anyone....

Source: The guy was on the discord server yesterday, showing off. He posted a sample of Jeremy data which included username, email, and encrypted password.


----------



## Alienfish (Feb 25, 2018)

Antonio said:


> Just a heads up, the hacker also had y'all emails which wasn't encrypted so if y'all shared similar password with the site and your email, change your email password. The hacker was also aware of the encryption used to encrypt (Stating something like md5) so he could still decrypt your password, so do change it. Not trying to scare anyone....
> 
> Source: The guy was on the discord server yesterday, showing off. He posted a sample of Jeremy data which included username, email, and encrypted password.



good idea, thanks for the heads up. good thing i have a separate forum and gaming email holy ****


----------



## Sweetley (Feb 25, 2018)

I think the profiles are working again (at least I could see mine again).


----------



## Bcat (Feb 25, 2018)

Antonio said:


> Just a heads up, the hacker also had y'all emails which wasn't encrypted so if y'all shared similar password with the site and your email, change your email password. The hacker was also aware of the encryption used to encrypt (Stating something like md5) so he could still decrypt your password, so do change it. Not trying to scare anyone....
> 
> Source: The guy was on the discord server yesterday, showing off. He posted a sample of Jeremy data which included username, email, and encrypted password.



I was calm for a second but now I?m anxious again D:


----------



## watercolorwish (Feb 25, 2018)

oh shoot this scared me lol but i needed to change my password anyways its been forever


----------



## Keldi (Feb 25, 2018)

Just changed both passwords u.u
Maybe I should make a backup email :/

- - - Post Merge - - -



Bcat said:


> I was calm for a second but now I’m anxious again D:



We're both anxious *makes back up email account*
Ah. A little better feeling.


----------



## Jeremy (Feb 25, 2018)

If you're interested in the security of other accounts you might have, check out this resource that keeps track of known breaches on other sites: https://haveibeenpwned.com/

And it helps to use only strong passwords. For example, don't use nothing but a short word and numbers. It helps to have longer words, numbers, different cases, and symbols. You probably don't see many sites forcing you to use symbols when registering, but adding one or two symbols is a pretty good way to make a secure password.


----------



## Keldi (Feb 25, 2018)

Jeremy said:


> If you're interested in the security of other accounts you might have, check out this resource that keeps track of known breaches on other sites: https://haveibeenpwned.com/
> 
> And it helps to use only strong passwords. For example, don't use nothing but a short word and numbers. It helps to have longer words, numbers, different cases, and symbols. You probably don't see many sites forcing you to use symbols when registering, but adding one or two symbols is a pretty good way to make a secure password.



Oh just let me save that on my home page! Thanks Jeremy!
And you bet my passwords look like a toddler smashed randomly on my phone but with some composure lol


----------



## Bcat (Feb 25, 2018)

Thanks Jeremy, I feel better now


----------



## Chris (Feb 25, 2018)

Dedenne2 said:


> Damn now I have to change the password I've used since I  was 5
> 
> But jesus



Know this feeling. Six months from now you'll still be erroneously putting in the old password. Anytime I log into my email I get a message reminding me I changed my password some 180+ days ago.


----------



## Jacob (Feb 25, 2018)

the hacker is trying to take my weird doll  you better try me


----------



## Keldi (Feb 25, 2018)

Anybody else use that site Jeremy linked andchecked every account they've made as well as their friends on BTF?


----------



## Zane (Feb 25, 2018)

Some people have got waaaaaay too much time on their hands.

Thanks 4 the update!


----------



## Reginald Fairfield (Feb 25, 2018)

SensaiGallade said:


> I bet it was Starrywolf again



Who?


----------



## Jeremy (Feb 25, 2018)

There's a little bit of misinformation in here because knowing what type of encryption is used doesn't mean someone can decrypt the passwords. When something like this happens, they see a bunch of seemingly random letters and numbers that represent a password. It's one-way, so the passwords cannot be decrypted directly.  What they would have to do is try (likely with a program) a random combination of letters and numbers millions of times until they get a match. There are trillions of possible password combinations, so more often than not this won't happen, but it's always best to change it just in case. This is also why people suggest using strong passwords. "ABC" is easier to figure out than something long with different types of characters.


----------



## Paperboy012305 (Feb 25, 2018)

I wondered why I had to change my password, thanks for keeping us notified.


----------



## Sweetley (Feb 25, 2018)

Reginald Fairfield said:


> Who?



A user which was active here a long time ago and then got banned (if I remember correctly).


----------



## Reginald Fairfield (Feb 25, 2018)

Perilouise said:


> A user which was active here a long time ago and then got banned (if I remember correctly).



What do you have to do to banned here?


----------



## Oblivia (Feb 25, 2018)

In addition to what Jeremy has already said, no one needs to panic.  The likelihood of a hacker targeting a normal user's account is essentially nonexistent, and there's not much anyone can do with just an email address.

The admin accounts are the hot commodity when it comes to any sort of malicious attack, and we're taking every precaution to make sure the site and every account is safe and secure going forward.


----------



## Paperboy012305 (Feb 25, 2018)

Umm, it felt like the server IP Address couldn't be found for a second, explain this.


----------



## That Marshal Fangirl (Feb 25, 2018)

Oh wow, I was watching Netflix and just barely went through the comments.  The idea of a hacker stealing your password is pretty scary!  I'm glad everything seems to be back to normal again.


----------



## Bcat (Feb 25, 2018)

Phew, thanks for making me feel a LOT better


----------



## amazonevan19 (Feb 25, 2018)

thanks for the heads up and all your hard work guys <3


----------



## TheDuke55 (Feb 25, 2018)

Everyone keeps asking why someone would hack a site such as this (specifically for Animal Crossing) and it's pretty clear why they do it. It's such a random and not well known site among the thousands that they could hit. They wanted to test themselves before they hit bigger fish.

That or maybe they were trying to get information (because this is technically a kids game) This sounds way more unlikely though. This isn't that uncommon, a Avatar the last airbender forum I was part of was hit by some Saudia Arabia hacker group. The site redirected to some screenshot where they gloated and were 'oh so edgy' Don't freak out so much about this guys.

Good job on the forum staff though!


----------



## Paperboy012305 (Feb 25, 2018)

TheDuke55 said:


> Everyone keeps asking why someone would hack a site such as this (specifically for Animal Crossing) and it's pretty clear why they do it. It's such a random and not well known site among the thousands that they could hit. They wanted to test themselves before they hit bigger fish.
> 
> That or maybe they were trying to get information (because this is technically a kids game) This sounds way more unlikely though. This isn't that uncommon, a Avatar the last airbender forum I was part of was hit by some Saudia Arabia hacker group. The site redirected to some screenshot where they gloated and were 'oh so edgy' Don't freak out so much about this guys.
> 
> Good job on the forum staff though!


Basically any site can be hacked at any time. No where is safe.


----------



## TheDuke55 (Feb 25, 2018)

Pretty much, but most upstart hackers go for smaller game to test the waters. At least from what I have experienced. They're all a nuisance though and should punch themselves in the groin for each attempt they make.


----------



## Chicha (Feb 25, 2018)

Wow, that's pretty crazy. I was wondering why I had to put up a new password all of a sudden. Either way, I changed it for both here and the e-mail connected to be safe. Stay safe, everyone!

Thanks to the staff for working so hard on this! This is so strange.


----------



## Paperboy012305 (Feb 25, 2018)

I got logged out while I was idle, and I thought I was banned.

Is this an addition to this site password reset?


----------



## AnimalCrossingPerson (Feb 25, 2018)

Partial quotes incoming!



Dedenne2 said:


> Damn now I have to change the password I've used since I  was 5



Not recommended, but you could just use the same password.



Bcat said:


> I?m a little worried. Is there anything bad he can do if he has our email addresses?



Send spam, phishing emails and try breaking into any accounts on other websites where you've used the same registration email address. It's possible the list will be sold and/or leaked publicly. Currently the latter has not happened.



Antonio said:


> The hacker was also aware of the encryption used to encrypt (Stating something like md5) so he could still decrypt your password, so do change it.



Didn't realise up until now that VBulletin still uses MD5. That's just not secure enough these days. At least they're salted though so take a bit of power to crack. Staff: Changing vBulletin 4 its password hashing to use BCrypt



Paperboy012305 said:


> Umm, it felt like the server IP Address couldn't be found for a second, explain this.



Not sure what you mean. The server IP address is 199.245.54.174 but I don't think that's what you're after.



TheDuke55 said:


> Everyone keeps asking why someone would hack a site such as this (specifically for Animal Crossing) and it's pretty clear why they do it. It's such a random and not well known site among the thousands that they could hit. They wanted to test themselves before they hit bigger fish.



If there's an exploit that affects multiple sites, you may as well hunt down as many sites as possible where said exploit can be used. TBT has an Alexa rank of approximately 150,000, so while it's far from being the number one site in the world, it isn't unknown either.



Paperboy012305 said:


> Basically any site can be hacked at any time. No where is safe.



Ehh, kinda. Some have more backdoors than others. I'm guessing they managed some MySQL injection magic in this instance.


----------



## Soigne (Feb 25, 2018)

hmm, maybe this was a good thing after all, forcing to change my 907 day old password.


----------



## Keldi (Feb 25, 2018)

If I'm not in this specific tab in Chrome for long enough, I get logged out. If I go to the YouTube app on my phone for 20 minutes then come back, it's really laggy and once it loads, I'm logged out.
Should I be concerned?


----------



## Jeremy (Feb 25, 2018)

If it's logging you out, it's probably just because you didn't have "remember me" checked when you logged in after changing it.


----------



## Keldi (Feb 25, 2018)

Jeremy said:


> If it's logging you out, it's probably just because you didn't have "remember me" checked when you logged in after changing it.



Just logged out then back in. It was checked? I rechecked it. I'll update.


----------



## Paperboy012305 (Feb 25, 2018)

Jeremy said:


> If it's logging you out, it's probably just because you didn't have "remember me" checked when you logged in after changing it.


I had the "remember me" checked, I didn't see it, but I still got logged out when it happened.


----------



## Trundle (Feb 25, 2018)

Paperboy012305 said:


> I had the "remember me" checked, I didn't see it, but I still got logged out when it happened.



Sometimes your browsers autofill will show it as checked when it really isn't. Unchecking and rechecking should do the trick.


----------



## duckykate (Feb 25, 2018)

maybe you could help by, i don't know, securing the site??


----------



## Keldi (Feb 25, 2018)

My log-in situation is all good! ^_^


----------



## Bcat (Feb 25, 2018)

I had the login ‘remember me’ glitch other people seemed to have but it’s good for me now too, no need to worry I guess?


----------



## Cress (Feb 25, 2018)

Soigne said:


> hmm, maybe this was a good thing after all, forcing to change my 907 day old password.



1,637 days old password over here lol


----------



## oath2order (Feb 25, 2018)

katezilla said:


> maybe you could help by, i don't know, securing the site??



A+ brilliant idea they definitely did not think of that until right now.

- - - Post Merge - - -

On another note, for your emails, set up two-factor authentication.


----------



## Keldi (Feb 25, 2018)

The site is a little on the slow side for me. Is this only on mobile? Anybody else experiencing this?

- - - Post Merge - - -



Cress said:


> 1,637 days old password over here lol



But it said after 300 something days, it expires...What? How?


----------



## KnoxUK (Feb 25, 2018)

Has this ever happened before?


----------



## AnimalCrossingPerson (Feb 25, 2018)

KnoxUK said:


> Has this ever happened before?



To my knowledge this is TBT's first database leak. I hope the vulnerability has been patched or else we'll soon have another.


----------



## KnoxUK (Feb 25, 2018)

AnimalCrossingPerson said:


> To my knowledge this is TBT's first database leak. I hope the vulnerability has been patched or else we'll soon have another.



Hopefully it stops, but I think its because of the server issues not so long ago.


----------



## AnimalCrossingPerson (Feb 25, 2018)

KnoxUK said:


> Hopefully it stops, but I think its because of the server issues not so long ago.



The other way around.



Jeremy said:


> As you may have noticed yesterday, the forum was down in the morning and then again later that night. This was due to an attack on the site. [...] This incident appears to be unrelated to the site downtime that we experienced two weekends ago.


----------



## Antonio (Feb 25, 2018)

Didn't they transfer hosts?


----------



## ~Unicorn~ (Feb 25, 2018)

hope this is resolved soon.

shoo hackers


----------



## Ilafae (Feb 25, 2018)

Im so glad I found this thread I was a little worried, I've not been able to use the site for almost two days and when I finally managed to get on a proper page the pass reset came up, but im still having problems with anything loading, but im glad people know whats up.


----------



## Xerolin (Feb 26, 2018)

Oh my god I logged into the site and thought I was banned, and with my history is wouldn't have been surprised

- - - Post Merge - - -



SensaiGallade said:


> I bet it was Starrywolf again



Hey I know starry as a friend and he's not smart enough to do that so ://// sorry


----------



## Khaelis (Feb 26, 2018)

Oh dear.. that's unfortunate. Will you consider getting TBT under https:// protocol in the near future because of this?


----------



## KaydeeKrunk (Feb 26, 2018)

pidge said:


> I was about to ask about why it said my pass was 361 days old, but never mind that.
> 
> I hope you can resolve this issue without much hassle!! ♥



Mine was thousands of days old... O.O


----------



## Reginald Fairfield (Feb 26, 2018)

Can't seem do view my profile again.


----------



## Trundle (Feb 26, 2018)

Khaelis said:


> Oh dear.. that's unfortunate. Will you consider getting TBT under https:// protocol in the near future because of this?



To be fair, the site having https wouldn't have changed what happened. It would have just meant the site is more secure over insecure networks (such as your local coffee shop's network). MITM attacks are unlikely over your home network (and your ISP likely can monitor your traffic anyway).


----------



## KaydeeKrunk (Feb 26, 2018)

Reginald Fairfield said:


> Can't seem do view my profile again.



Having the same issue. =/ Hope it's fixed soon!


----------



## cornimer (Feb 26, 2018)

Reginald Fairfield said:


> Can't seem do view my profile again.



Same here


----------



## That Marshal Fangirl (Feb 26, 2018)

Yep, all the profiles are broken again.  Please fix this before today, as I have a couple people I need to say happy birthday to. :/


----------



## Alienfish (Feb 26, 2018)

Yeah broke here too.. honestly I'd rather have other stuff gone than this aaa


----------



## duckykate (Feb 26, 2018)

oath2order said:


> A+ brilliant idea they definitely did not think of that until right now.



Then why isn't it secure����


----------



## AnimalCrossingPerson (Feb 26, 2018)

Trundle said:


> MITM attacks are unlikely over your home network (and your ISP likely can monitor your traffic anyway).



Regardless of encryption, your ISP can monitor which websites you visit, but only without encryption can they view and modify (such as adding their own adverts) the actual page content. Of course, there may be laws theoretically preventing them from doing so, but that depends on your area.

- - - Post Merge - - -



katezilla said:


> oath2order said:
> 
> 
> > A+ brilliant idea they definitely did not think of that until right now.
> ...


----------



## Jeremy (Feb 26, 2018)

The user profiles are back. The feedback system was causing this.

Also, please don't answer questions on behalf of the site as it could spread misinformation or panic. The site is secure and we were able to tell how the attacker gained access shortly after it happened. It has been addressed, but I can't disclose details for security reasons.


----------



## AnimalCrossingPerson (Feb 26, 2018)

Jeremy said:


> The site is secure and we were able to tell how the attacker gained access shortly after it happened. It has been addressed, but I can't disclose details for security reasons.



We're not expecting you to share how it was done, especially if the process may work on other websites.


----------



## Mink777 (Feb 26, 2018)

SensaiGallade said:


> I bet it was Starrywolf again



Could have been others too such as L o t t i e, Izzy Reincarnated, Jared:3, Hulaetta(or whatever), or pups.

- - - Post Merge - - -

Wait, was it pidge?


----------



## Haydenv019 (Feb 26, 2018)

I don't understand why hackers would need to target an ANIMAL CROSSING FORUMS. All they're gonna get is  *cough* online user's IP's, emails, and site passwords which TOTALLY couldn't relate to any other passwords they use on other applications and websites (like me)

Still don't get it.


----------



## Bowie (Feb 26, 2018)

I announce I'm leaving and suddenly the forum's in a mess. Figures.

Seriously, though, that's scary stuff. I'm gonna have to reset all my passwords now.


----------



## PoizonMushro0m (Feb 26, 2018)

Soigne said:


> hmm, maybe this was a good thing after all, forcing to change my 907 day old password.



I had a 2020 day old password I just had to change, what sucks is I have the same password for multiple forums so hopefully our info doesn't get sold/leaked.


----------



## mitfy (Feb 26, 2018)

oh, strange. i was confused as to why i got that message! well, better safe than sorry.


----------



## Elijo (Feb 26, 2018)

Soigne said:


> hmm, maybe this was a good thing after all, forcing to change my 907 day old password.



Apparently mine was over 1200 days old jfc


----------



## Jake (Feb 27, 2018)

Haydenv019 said:


> I don't understand why hackers would need to target an ANIMAL CROSSING FORUMS. All they're gonna get is  *cough* online user's IP's, emails, and site passwords which TOTALLY couldn't relate to any other passwords they use on other applications and websites (like me)
> 
> Still don't get it.



As Oblivia said, the hackers don't care about regular members, the main thing they were after were admin accounts so users here needn't have anything to worry about.


----------



## Hopeless Opus (Feb 27, 2018)

holy **** i just looked on that have i been pwned site and i just found out my **** was breached in 2013 by tumblr, wtfffff

also i was so confused when i saw the change your password thing, but i'm glad things are getting back to normal


----------



## Reginald Fairfield (Feb 27, 2018)

I can't seem to view my profile again.


----------



## cornimer (Feb 27, 2018)

It seems as if profiles are breaking again every morning


----------



## Ezamoosh (Feb 27, 2018)

Chickensmoothie also got hacked the other day. Seems it isn't just this site being targeted .


----------



## Antonio (Feb 27, 2018)

Jake said:


> As Oblivia said, the hackers don't care about regular members, the main thing they were after were admin accounts so users here needn't have anything to worry about.



But the hacker said he got the database (not sure whole or just some parts) which means he could log into dead accounts and pretend to be them. Just because he was targeting admins at the time doesn't mean he could not have gone towards users in the future (Unless you know who it was and have IP banned them). So, y'all should change your password, change your email password, hide your kids, hide your wives, etc. Even if he didn't plan to, he could've done something that the staff aren't aware of or could be aware of in the near future. 

*But, it's unlikely something like this would happen.* Saying that the hacker was just targeting the admins doesn't feel that reassuring. You never know what could happen, even if it's unlikely.


----------



## Jeremy (Feb 27, 2018)

That's why we enabled the password resetting.

Also, the profiles are working now. It should stop breaking each morning going forward.


----------



## Antonio (Feb 27, 2018)

Jeremy said:


> That's why we enabled the password resetting.
> 
> Also, the profiles are working now. It should stop breaking each morning going forward.



*WITCHCRAFT!!!!!*
Yes, it's always good to take safety measures when a threat has arrived.


----------



## Blu Rose (Feb 27, 2018)

>1565-day-old password change


----------



## Mink777 (Feb 27, 2018)

I'm just glad my password was a bunch of random letters here. It was different than any other site.


----------



## Reginald Fairfield (Feb 28, 2018)

Rather slow for anyone else?


----------



## cornimer (Feb 28, 2018)

It's morning and the profiles work


----------



## TykiButterfree (Feb 28, 2018)

Wow that is pretty ridiculous. I don't see the point it trying to hack this site. And I also have a separate email for silly gaming stuff so it doesn't mess with work or other important messages. Thanks for resetting passwords as a precaution.


----------



## Spooky. (Mar 2, 2018)

I got scared when I logged in and it had me reset, but I'm glad it prompted if there was an attack


----------



## bcmii (Mar 3, 2018)

Oh OK, that explains it. I logged on, and it was trying to claim that my password was 350+ days old. I haven even been a member of the site for that long. I actually got kind of mad, and left the site, because it kept trying to claim the password I was putting in was not matching my current password. 

I thought I had been banned or something :/

I decided to come back today, and actually go through the password reset process, and FINALLY got it after several reset attempts. Not a good situation.


----------



## Haskell (Mar 3, 2018)

Jeremy said:


> That's why we enabled the password resetting.
> 
> Also, the profiles are working now. It should stop breaking each morning going forward.



What if I want to use my old password again?


----------



## Khaelis (Mar 3, 2018)

Raskell said:


> What if I want to use my old password again?



You're more than free to use it, although I would highly not recommend it in doing so.


----------



## Stalfos (Mar 4, 2018)

I'm probably gonna keep entering my old password every time I log in. >.<


----------



## Alienfish (Mar 4, 2018)

Stalfos said:


> I'm probably gonna keep entering my old password every time I log in. >.<



im still doing that bc my new one is a bit harder and longer lol


----------



## xSuperMario64x (Mar 4, 2018)

Stalfos said:


> I'm probably gonna keep entering my old password every time I log in. >.<



sameee lol I logged in on my phone yesterday and it had my old password saved into my phone but it told me it was wrong and I was like OH SHOOT PASSWORD CHANGE


----------



## duckykate (Mar 4, 2018)

harder and longer huh


----------



## Lady Timpani (Mar 4, 2018)

katezilla said:


> harder and longer huh



Mad at myself for smiling a little smh


----------



## That Marshal Fangirl (Mar 4, 2018)

katezilla said:


> harder and longer huh



Bruh.  Lmao


----------



## John Wick (Mar 4, 2018)

My avatar keeps vanishing.


----------



## AngelBunny (Mar 4, 2018)

oh wow 

umm

i use the same pass everywhere

SAVE MY VIRTUAL ANIMAL JAM STUFF

AND MY CATS ON CHICKENSMOOTHIE


----------



## AWESOMEGAMER (Mar 4, 2018)

who tried to hack this site :-/ it was thonky wasn't it :-D

naaaahhhhhhh it was SONY
no it was EA trying to see exactly what Animal Crossing is...... mabe it was TSR


----------



## duckykate (Mar 5, 2018)

Lady Timpani said:


> Mad at myself for smiling a little smh


----------



## 5b3ll (Apr 7, 2021)

ThatOneMarshalFangirl said:


> Wow, really?  This seems like an odd site to try and hack, but oh well.  If changing my password fixes all the issues we've been having lately then I'm all for it.



Hackers will sometimes test breached passwords and if they work, they'll use them on other sites since so many people reuse passwords


----------



## Moritz (Apr 7, 2021)

Did this happen again?


----------



## Tsuki17 (Apr 7, 2021)

Ummm... i just got this alert now?


----------



## bionic (Apr 7, 2021)

Me too. Haven’t used site for years so was a big shock to get this email. Glad to know my security is being protected as much as possible though


----------



## Chris (Apr 7, 2021)

Tsuki17 said:


> Ummm... i just got this alert now?





bionic said:


> Me too. Haven’t used site for years so was a big shock to get this email. Glad to know my security is being protected as much as possible though



For security reasons emails are being sent out this evening to people who still haven't changed their password since the data breach in February 2018.


----------



## Squishydew (Apr 7, 2021)

Vrisnem said:


> For security reasons emails have been sent out this evening to people who still hadn't changed their password since the data breach in February 2018.



Good god that gave me a scare!


----------



## Antonio (Apr 7, 2021)

Vrisnem said:


> For security reasons emails are being sent out this evening to people who still haven't changed their password since the data breach in February 2018.


In the format of a watch threat alert?


----------



## bionic (Apr 7, 2021)

Vrisnem said:


> For security reasons emails are being sent out this evening to people who still haven't changed their password since the data breach in February 2018.


Thanks for email, otherwise may never have known!  Was a bit scary to see the email and assume someone was trying to break in, then I saw the big banner at top of this site which explained it all and I breathed a sigh of relief


----------



## th8827 (Apr 7, 2021)

I was wondering why I got the email. I was worried that someone was trying to hack my account.


----------



## xara (Apr 8, 2021)

xara said:


> also, i stepped away from the forums for like,, half an hour and came back to this;
> 
> View attachment 366018
> 
> this literally scared the **** out of me. not a big deal once i actually read it but the initial red box and seeing “your account has been flagged” was scary as hell LMAO.



throwback to saturday when i got this alert and almost died.


----------

