Data breach

Home Forums Wrexham.com Forums Wrexham Forum Data breach

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • December 11, 2020 at 7:12 am #197374

    Proudmum
    Participant

    Has anyone else been notified of a data breach on Wrexham.com? I think it can be for the forum as this is the only part of the website that requires a login.
    Avast has just informed that 1880 accounts have been breached and advise me to change my password.

    December 11, 2020 at 10:50 am #197377

    Owain Glyndwr
    Participant

    If you tell me the name of your fist pet, your mother’s maiden name and your first car, as well as your bank details, i can have a look for you.

    Seriously though, stay cyber safe everyone

    December 11, 2020 at 5:37 pm #197433

    R T
    Keymaster

    This one has been a bit of a puzzler but the server provider has been looking at this since it was flagged up as a possible issue.

    Avast report if an email address is linked to any released data lists current or historic (using them will subscribe you to them) but entering email to https://haveibeenpwned.com/ will give you similar data.

    Wrexham.com does appear on a ‘new’ list of 25,000 sites however the figures involved didn’t seem to match. There are some email addresses we have checked that flag up, but others (my own for this account for example) do not. There are a few other sites that will trigger alerts from sites that have never been used (again as a personal example I am listed on an issue about online game Evony that I have never heard of) , so it is unclear what the reality of any issue is – and it is stated as ‘unverified’ on the above link with commentary from some experts such data is over egged.

    After spending some time investigating it appears the data referenced could have came from the very old vBulletin software the forums ran on, and were moved from back in 2014-15. One of the reasons for moving was for security. On moving from vBulletin to this current software all users had to set new passwords, and to be clear that process would mean any passwords would be new – and even if old ones reused the ‘hash’ or mathematical stored version would be ‘salted’ so would not appear as the same.

    There is no proof that was the case but would be a best guess.

    Out of an abundance of caution we would suggest (here and anywhere!) if you are still using passwords from 2012-2015 then they should be changed, and as always would suggest using strong passwords.

  • Author
    Posts
Content is user generated and is not moderated before posting. All content is viewed and used by you at your own risk and Wrexham.com does not warrant the accuracy or reliability of any of the information displayed. The views expressed on these Forums and social media are those of the individual contributors.
Complaint? Please use the report post tools or contact Wrexham.com .
Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

More...

Wrexham Council set to decide on 20mph ‘adjustments’ which ‘begin from September’

News

Wales’ fire authorities lack accountability amid harassment allegations, Senedd hears

News

Closure plan for Welshpool and Caernarfon Air Ambulance bases confirmed – with new base planned for ‘middle of North Wales’

News

Trading Standards warning over Facebook user “fraudulently advertising events locally”

News

The Ultimate Guide to Nickelodeon Resort Punta Cana

News

The Essential Guide to User Acceptance Testing (UAT)

News

Read 140,140,006 times since we started in 2011.

*Stats independently & directly measured by Google, via the Analytics Live API.


icnn