If you have a new account but are having problems posting or verifying your account, please email us on for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact
Hi all,
Vanilla are planning an update to the site on April 24th (next Wednesday). It is a major PHP8 update which is expected to boost performance across the site. The site will be down from 7pm and it is expected to take about an hour to complete. We appreciate your patience during the update.
Thanks all. Attack - What Happened? Please post all questions here.

  • 22-01-2010 8:05pm
    Business & Finance Moderators, Entertainment Moderators Posts: 32,387 Mod ✭✭✭✭DeVore

    As you are most likely aware, we had an unauthorised access of the site's database. As a result you will need to request your new password using our forgotten password system. You should obviously NOT change it back to your old password.

    We also suggest that if you used your old password on other sites with the same username/email then you should change it there too.

    This thread is to answer your questions; ideally people won’t use it to converse about side topics. If you keep it to direct questions I will try to answer them directly too.

    I'm on stage all this week in the Boards Drama Group (No Drama)'s play so I wont be on until after 11pm this evening.

    The order of events of the day are appended below.

    • 11:22 – Administrative account compromised

    • 11:22 -> 11:34 – Administrative account used to insert malicious code into our software

    • 11:34 – User table dumped to public directory and downloaded

    • 11:36 – Unauthorized access spotted by technical team

    • 11:37 – Unauthorized files quarantined

    • 11:38 -> 11:50 – Investigating nature of access

    • 11:50 – Web servers shut down, shifted to maintenance mode to prevent further access

    • 12 noon – Team met to discuss our responses; as part of that we contacted IT Security specialist Brian Honan and communications specialist Damien Mulley. We took the following actions as our process specified and taking expert advice on board also.

    • Extended investigation of breach, it's cause, and planning of solution.

    • Initiated communications with the Garda Computer Crime Unit

    • Contacted the Data Protection Commissioner to make them aware of events.

    • Composed a Press Release and released it to relevant media.

    • Contacted the Press Office of to organise/facilitate 6.1 News report to broaden the reach of our notice.

    • Composed email to members and message for homepage to ensure facts were communicated clearly and openly

    • 16:00 Published homepage message and started sending approximately 300,000 emails.

    • Communicated with members via twitter and emailed queries

    • Responded to media queries including RTE news, The Last Word on TodayFM, KCLR FM,, Sunday Business Post, Irish Daily Mail, Metro Herald.

    • Communicated to member queries via Twitter and Email throughout the evening and all of today.
    Post edited by Shield on



  • Registered Users Posts: 11,987 ✭✭✭✭zAbbo

    Well done lads, very well communicated & handled. Kudos to the whole team.

  • Registered Users Posts: 13,768 ✭✭✭✭ctrl-alt-delete

    Are the rumours about it being Lucky Lloyd true?

    he was out of the country after all!

  • Registered Users Posts: 81,514 ✭✭✭✭Overheal

    Thank God - my caffeine-free solidarity is over. I had already fallen off my chair in Work.


  • Registered Users Posts: 804 ✭✭✭TimTim

    Just two questions from me:

    I know vBulletin hashes passwords using MD5 but was there a salt used in hashing? (is it even possible with vbulletin?)

    If the above answer is no is it possible to get my original hashed password sent by pm? I actually can't remember what password I used for and I need to figure out what logins i need to reset.

  • Registered Users Posts: 30,123 ✭✭✭✭Star Lord

    Well done to all involved. We missed ya!

    *hugs site*

  • Advertisement
  • Banned (with Prison Access) Posts: 23,089 ✭✭✭✭rovert

    The new password procedure was a piece of piss thankfully.


  • Registered Users Posts: 40,055 ✭✭✭✭Sparks

    No, no, it was
    Because, as you know, we're amateur hour here and store the passwords on the website.

    Along with the secret recipe for coca-cola and KFC chicken.

  • Registered Users Posts: 430 ✭✭moralproduction

    fair play to all involved in getting things back to normal

  • Registered Users Posts: 26,148 ✭✭✭✭Berty

    Welcome back.

    Life has been empty without you. :o

  • Registered Users Posts: 1,862 ✭✭✭flamegrill

    Overall well handled. Darragh did a good job on the twitter account fair play to him.

    I'd be good to hear how they got in and what you're doing to prevent it.


  • Advertisement
  • Closed Accounts Posts: 22,559 ✭✭✭✭AnonoBoy

    I'm not joking here but could it have been StormFront?

    They are after all massively daft racists.

  • Closed Accounts Posts: 88,978 ✭✭✭✭mike65

    It was - they hate us

  • Registered Users Posts: 529 ✭✭✭Fergus

    Welcome back guys. Amazingly fast reactions by the team.

  • Registered Users Posts: 43,774 ✭✭✭✭Basq

    Like I said on Twatter, I have to applaud the staff over at Boards HQ who handled the situation like absolute pros!

    So many sites would have simply said downtime with no real explanation, but to get full disclosure on the whole thing (was it a necessity by law, or anything?) was a welcome change.

    Great to have ye back...!

  • Moderators, Category Moderators, Music Moderators, Regional East Moderators, Regional Midlands Moderators, Regional Midwest Moderators, Regional Abroad Moderators, Regional North Mods, Regional West Moderators, Regional South East Moderators, Regional North East Moderators, Regional North West Moderators, Regional South Moderators Posts: 8,007 CMod ✭✭✭✭Gaspode

    Great to have Boards back!

  • Moderators, Science, Health & Environment Moderators Posts: 23,204 Mod ✭✭✭✭godtabh

    So whats been done to prevent this from happening again>?

    I'm not worried of it happening again but others might and I think whats happened over the last 36 hours or so may have done alot of damage to boards rep.

    I've been getting emails as far a field as Iceland about this.

    Maybe an announcement on that would be helpful?

  • Closed Accounts Posts: 6 Kopdave

    Thank God Boards is back, now hurry with adds! best of luck guys..........;)

  • Closed Accounts Posts: 6,164 ✭✭✭Konata

    Good work to all involved and thank you!

  • Closed Accounts Posts: 22,905 ✭✭✭✭Handsome Bob

    I didn't miss any of you mugs at all. :pac:

  • Registered Users Posts: 1,102 ✭✭✭am i bovvered

    Its great to be back !!!!! Really missed all ye :P

  • Advertisement
  • Closed Accounts Posts: 10,817 ✭✭✭✭Dord

    Excellent work guys! very well handled. :)

    It was odd seeing being mentioned everywhere. Hopefully it does you good in terms of vistors.

  • Registered Users Posts: 263 ✭✭Magaa

    happy that you are back!

  • Registered Users Posts: 43,774 ✭✭✭✭Basq

    I'd be interested to know (in not too much specifics) how the site was compromised.

    Would I be correct in saying you're using an out-dated version of vBulletin? If so, was a security hole in this (that has since been patched)? If you are using an older version of vBulletin, it's probably due to all the custom code associated with modutils and such.

    But I could be way off here.. so feel free to correct me and set me straight (as an actress said to a bishop).

  • Moderators, Category Moderators, Arts Moderators, Entertainment Moderators, Technology & Internet Moderators Posts: 22,668 CMod ✭✭✭✭Sad Professor

    Great work, guys. Thanks! :D

  • Registered Users Posts: 1,169 ✭✭✭Sagat06

    Two days of uninterrupted work, that simply wont do people :D

    Great job on the communication and getting the site back up!

  • Moderators, Social & Fun Moderators, Regional Abroad Moderators Posts: 6,485 Mod ✭✭✭✭silvervixen84

    Very well handled lads, the twitter feed was so helpful, and the change password procedure is dead easy. Scary stuff!!

  • Registered Users Posts: 763 ✭✭✭F-Stop

    Fair play to you. Spotted quickly, handled well, and you were open and honest with the site users. Cheers.

  • Registered Users Posts: 26,061 ✭✭✭✭Terry

    Gaspode wrote: »
    Great to have Boards back!

    I'm of to the CT thread to float that one! :)

    Thanks to all involved in getting the site back up and running.

    For those complaining about having to change their password, you really should be changing all passwords every so often anyway.

  • Registered Users Posts: 40,055 ✭✭✭✭Sparks

    mike65 wrote: »
    It was - they hate us
    No, it was the PROC forum. 'Cos they has mad skillz.

    Or it was us, 'cos boards files a tax return soon and the Revenue wouldn't ask for it if the site wasn't up.

    Or 'cos someone shot the hamster.

  • Advertisement
  • Closed Accounts Posts: 17,485 ✭✭✭✭Ickle Magoo

    I have never been so productive, please don't do that again!

    Q, Once all investigations have been concluded will the details of the perpetrators and any motive be released?