Data breach

Home Forums Wrexham.com Forums Wrexham Forum Data breach

  • Author
    Posts
  • #197374

    Proudmum
    Participant

    Has anyone else been notified of a data breach on Wrexham.com? I think it can be for the forum as this is the only part of the website that requires a login.
    Avast has just informed that 1880 accounts have been breached and advise me to change my password.

    #197377
    Owain Glyndwr
    Owain Glyndwr
    Participant

    If you tell me the name of your fist pet, your mother’s maiden name and your first car, as well as your bank details, i can have a look for you.

    Seriously though, stay cyber safe everyone

    To be born Welsh is to be born privileged, not with a silver spoon in your mouth, but with music in your blood, and poetry in your soul.

    #197433
    Rob
    Rob
    Keymaster

    This one has been a bit of a puzzler but the server provider has been looking at this since it was flagged up as a possible issue.

    Avast report if an email address is linked to any released data lists current or historic (using them will subscribe you to them) but entering email to https://haveibeenpwned.com/ will give you similar data.

    Wrexham.com does appear on a ‘new’ list of 25,000 sites however the figures involved didn’t seem to match. There are some email addresses we have checked that flag up, but others (my own for this account for example) do not. There are a few other sites that will trigger alerts from sites that have never been used (again as a personal example I am listed on an issue about online game Evony that I have never heard of) , so it is unclear what the reality of any issue is – and it is stated as ‘unverified’ on the above link with commentary from some experts such data is over egged.

    After spending some time investigating it appears the data referenced could have came from the very old vBulletin software the forums ran on, and were moved from back in 2014-15. One of the reasons for moving was for security. On moving from vBulletin to this current software all users had to set new passwords, and to be clear that process would mean any passwords would be new – and even if old ones reused the ‘hash’ or mathematical stored version would be ‘salted’ so would not appear as the same.

    There is no proof that was the case but would be a best guess.

    Out of an abundance of caution we would suggest (here and anywhere!) if you are still using passwords from 2012-2015 then they should be changed, and as always would suggest using strong passwords.

    (Wrexham.com'er - email us on news@wrexham.com)

Content is user generated and is not moderated before posting. All content is viewed and used by you at your own risk and Wrexham.com does not warrant the accuracy or reliability of any of the information displayed. The views expressed on these Forums and social media are those of the individual contributors.
Complaint? Please use the report post tools or contact Wrexham.com .

You must be logged in to reply to this topic.

More...

MP praises flood response – “Community spirit has always been at the heart of Wrexham and this week has been no exception”

News

Health board plea for public to heed heart attack warning signs and attend hospital despite Coronavirus fears

News

Gin donation from Hollywood stars helps Wrexham pub raise money for charity

News

First Minister asks for specific education advice ahead of review next week – warns ‘probably unlikely’ any change

News

Video released of moment search and rescue helicopter helps rescue three people from floods in early hours of today

News

Wrexham Maelor Covid-19 update: 130 people receiving care at hospital

News