General Discussion

If this is your first visit, you will need to register before you can post. (All members of the forum must adhere to the Code of Conduct, as outlined in the Terms and Conditions)

Moderators: Da Boss

2135 Posts in 318 Topics by 277 members

Topic: Be aware: account information may be compromised

Page: 1
  • Be aware: account information may be compromised

    I use a different e-mail address on each site where I register. This is useful as it means I can tell whether any messages purporting to come from a particular source are genuine or not.

    I recently received a spam message that was a phishing e-mail attempting to spoof PayPal, but the e-mail address it used was the one I have registered here (and nowhere else).

    So please be aware that the account information from the forums may have been hacked. I have changed my password accordingly.

  • Re: Be aware: account information may be compromised

    Hi Stelio,

    My webmaster has checked his logs and security processes, and nothing is amiss. You signed up for the site over a year ago, so is it possible that in the intervening year you used the same email address elsewhere? It's also entirely possible that the email address was harvested via some other more benign means.

    Either way, I can confirm that this site does not sell or publish user's details, nor has there been a security breach/hack.

    Rest assured, that if something was to happen to the site, I/the webmaster would contact users directly, apologising and informing them of the correct course of action.



  • Re: Be aware: account information may be compromised

    I completely trust you in terms of use of data, so I'm certainly not worried about that. But recently there have been many successful attacks on all sorts of sites, with the attackers gaining user information. I can probably point out half a dozen high profile cases in the past couple of months.

    In terms of whether this e-mail address has been used elsewhere, no. It starts "destinyquest@" which is a bit of a give away. ;-)

  • Re: Be aware: account information may be compromised

    A few quick examples (links go to pages reporting the security breaches)...

    Feb 2012 - Microsoft Store India
    Feb 2012 - Foxconn
    Feb 2012 - Stratfor
    May 2012 - BoardGameGeek
    Jun 2012 - LinkedIn
    Jun 2012 -
    Jun 2012 - eHarmony
    Jun 2012 - Twitter

    Note that the BGG break-in in particular show the same features: users with e-mail addresses that they had never used elsewhere receiving spam. And note that it took BGG quite some time to find the breach in security. If you'd like, I can try to find out the nature of the breach at BGG as it may help you in uncovering any issue with your own security.

  • Re: Be aware: account information may be compromised

    I've passed this information on and spoken to my webmaster.

    I can only reiterate his previous assurances that there has been, to his knowledge, no breach to the site's server security but he will continue to check and monitor the situation.

    If users wish to change their password (if it is used for other accounts) they are, of course, free to do so.

    If anyone has any worries/concerns in future can you please contact me directly at:

  • Re: Be aware: account information may be compromised

    As a general rule, its best to get out of the habit of using the same password for multiple sites/logins. Its never easy remembering them all especially if you don't log in that often. Probably the most simplest way is to use a book and give a reference number to its page, paragraph, line and word position. Don't write down your password book your using, but making a note of the page number etc should not be a problem.

    Example, using The Legion of Shadow the reference p-211 L-3 W-7 should give you the password "village". Check it out. If you get used to a system you can just write down passwords as 211/3/7, who would ever know.

    Hope this helps

Currently Online: There is nobody online.

Welcome to our latest member: Scarlette

Copyright © 2010 Michael Ward | Terms and Conditions | Acknowledgments | site built by nomad