Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi all,
Vanilla are planning an update to the site on April 24th (next Wednesday). It is a major PHP8 update which is expected to boost performance across the site. The site will be down from 7pm and it is expected to take about an hour to complete. We appreciate your patience during the update.
Thanks all.

Boards.ie Attack - What Happened? Please post all questions here.

  • 22-01-2010 8:05pm
    #1
    Business & Finance Moderators, Entertainment Moderators Posts: 32,387 Mod ✭✭✭✭DeVore


    As you are most likely aware, we had an unauthorised access of the site's database. As a result you will need to request your new password using our forgotten password system. You should obviously NOT change it back to your old password.

    We also suggest that if you used your old password on other sites with the same username/email then you should change it there too.

    This thread is to answer your questions; ideally people won’t use it to converse about side topics. If you keep it to direct questions I will try to answer them directly too.

    I'm on stage all this week in the Boards Drama Group (No Drama)'s play so I wont be on until after 11pm this evening.

    The order of events of the day are appended below.

    DeV.
    • 11:22 – Administrative account compromised

    • 11:22 -> 11:34 – Administrative account used to insert malicious code into our software

    • 11:34 – User table dumped to public directory and downloaded

    • 11:36 – Unauthorized access spotted by technical team

    • 11:37 – Unauthorized files quarantined

    • 11:38 -> 11:50 – Investigating nature of access

    • 11:50 – Web servers shut down, shifted to maintenance mode to prevent further access

    • 12 noon – Team met to discuss our responses; as part of that we contacted IT Security specialist Brian Honan and communications specialist Damien Mulley. We took the following actions as our process specified and taking expert advice on board also.

    • Extended investigation of breach, it's cause, and planning of solution.

    • Initiated communications with the Garda Computer Crime Unit

    • Contacted the Data Protection Commissioner to make them aware of events.

    • Composed a Press Release and released it to relevant media.

    • Contacted the Press Office of RTE.ie to organise/facilitate 6.1 News report to broaden the reach of our notice.

    • Composed email to members and message for homepage to ensure facts were communicated clearly and openly

    • 16:00 Published homepage message and started sending approximately 300,000 emails.

    • Communicated with members via twitter and emailed queries

    • Responded to media queries including RTE news, The Last Word on TodayFM, KCLR FM, Techcentral.ie, Sunday Business Post, Irish Daily Mail, Metro Herald.

    • Communicated to member queries via Twitter and Email throughout the evening and all of today.
    Post edited by Shield on


«13456721

Comments

  • Registered Users Posts: 11,987 ✭✭✭✭zAbbo


    Well done lads, very well communicated & handled. Kudos to the whole team.


  • Registered Users Posts: 13,768 ✭✭✭✭ctrl-alt-delete


    Are the rumours about it being Lucky Lloyd true?

    he was out of the country after all!


  • Registered Users Posts: 81,514 ✭✭✭✭Overheal


    Thank God - my caffeine-free solidarity is over. I had already fallen off my chair in Work.

    funny-pictures-kitten-has-a-happy.jpg


  • Registered Users Posts: 804 ✭✭✭TimTim


    Just two questions from me:

    I know vBulletin hashes passwords using MD5 but was there a salt used in hashing? (is it even possible with vbulletin?)

    If the above answer is no is it possible to get my original hashed password sent by pm? I actually can't remember what password I used for boards.ie and I need to figure out what logins i need to reset.


  • Registered Users Posts: 30,123 ✭✭✭✭Star Lord


    Well done to all involved. We missed ya!

    *hugs site*


  • Advertisement
  • Banned (with Prison Access) Posts: 23,089 ✭✭✭✭rovert


    The new password procedure was a piece of piss thankfully.

    Cheers


  • Registered Users Posts: 40,055 ✭✭✭✭Sparks


    No, no, it was bikers.ie.
    Because, as you know, we're amateur hour here and store the passwords on the website.



    Along with the secret recipe for coca-cola and KFC chicken.


  • Registered Users Posts: 430 ✭✭moralproduction


    fair play to all involved in getting things back to normal


  • Registered Users Posts: 26,148 ✭✭✭✭Berty


    Welcome back.

    Life has been empty without you. :o


  • Registered Users Posts: 1,862 ✭✭✭flamegrill


    Overall well handled. Darragh did a good job on the twitter account fair play to him.

    I'd be good to hear how they got in and what you're doing to prevent it.

    Paul


  • Advertisement
  • Closed Accounts Posts: 22,559 ✭✭✭✭AnonoBoy


    I'm not joking here but could it have been StormFront?

    They are after all massively daft racists.


  • Closed Accounts Posts: 88,978 ✭✭✭✭mike65


    It was politics.ie - they hate us


  • Registered Users Posts: 529 ✭✭✭Fergus


    Welcome back guys. Amazingly fast reactions by the team.


  • Registered Users Posts: 43,774 ✭✭✭✭Basq


    Like I said on Twatter, I have to applaud the staff over at Boards HQ who handled the situation like absolute pros!

    So many sites would have simply said downtime with no real explanation, but to get full disclosure on the whole thing (was it a necessity by law, or anything?) was a welcome change.

    Great to have ye back...!


  • Moderators, Category Moderators, Music Moderators, Regional East Moderators, Regional Midlands Moderators, Regional Midwest Moderators, Regional Abroad Moderators, Regional North Mods, Regional West Moderators, Regional South East Moderators, Regional North East Moderators, Regional North West Moderators, Regional South Moderators Posts: 8,007 CMod ✭✭✭✭Gaspode


    Great to have Boards back!


  • Moderators, Science, Health & Environment Moderators Posts: 23,204 Mod ✭✭✭✭godtabh


    So whats been done to prevent this from happening again>?

    I'm not worried of it happening again but others might and I think whats happened over the last 36 hours or so may have done alot of damage to boards rep.

    I've been getting emails as far a field as Iceland about this.

    Maybe an announcement on that would be helpful?


  • Closed Accounts Posts: 6 Kopdave


    Thank God Boards is back, now hurry with adds! best of luck guys..........;)


  • Closed Accounts Posts: 6,164 ✭✭✭Konata


    Good work to all involved and thank you!


  • Closed Accounts Posts: 22,905 ✭✭✭✭Handsome Bob


    I didn't miss any of you mugs at all. :pac:


  • Registered Users Posts: 1,102 ✭✭✭am i bovvered


    Its great to be back !!!!! Really missed all ye :P


  • Advertisement
  • Closed Accounts Posts: 10,817 ✭✭✭✭Dord


    Excellent work guys! very well handled. :)

    It was odd seeing boards.ie being mentioned everywhere. Hopefully it does you good in terms of vistors.


  • Registered Users Posts: 263 ✭✭Magaa


    happy that you are back!


  • Registered Users Posts: 43,774 ✭✭✭✭Basq


    I'd be interested to know (in not too much specifics) how the site was compromised.

    Would I be correct in saying you're using an out-dated version of vBulletin? If so, was a security hole in this (that has since been patched)? If you are using an older version of vBulletin, it's probably due to all the custom code associated with modutils and such.

    But I could be way off here.. so feel free to correct me and set me straight (as an actress said to a bishop).


  • Moderators, Category Moderators, Arts Moderators, Entertainment Moderators, Technology & Internet Moderators Posts: 22,668 CMod ✭✭✭✭Sad Professor


    Great work, guys. Thanks! :D


  • Registered Users Posts: 1,169 ✭✭✭Sagat06


    Two days of uninterrupted work, that simply wont do people :D

    Great job on the communication and getting the site back up!


  • Moderators, Social & Fun Moderators, Regional Abroad Moderators Posts: 6,485 Mod ✭✭✭✭silvervixen84


    Very well handled lads, the twitter feed was so helpful, and the change password procedure is dead easy. Scary stuff!!


  • Registered Users Posts: 763 ✭✭✭F-Stop


    Fair play to you. Spotted quickly, handled well, and you were open and honest with the site users. Cheers.


  • Registered Users Posts: 26,061 ✭✭✭✭Terry


    Gaspode wrote: »
    Great to have Boards back!

    I'm of to the CT thread to float that one! :)


    Thanks to all involved in getting the site back up and running.

    For those complaining about having to change their password, you really should be changing all passwords every so often anyway.


  • Registered Users Posts: 40,055 ✭✭✭✭Sparks


    mike65 wrote: »
    It was politics.ie - they hate us
    No, it was the PROC forum. 'Cos they has mad skillz.

    Or it was us, 'cos boards files a tax return soon and the Revenue wouldn't ask for it if the site wasn't up.

    Or 'cos someone shot the hamster.


  • Advertisement
  • Closed Accounts Posts: 17,485 ✭✭✭✭Ickle Magoo


    I have never been so productive, please don't do that again!

    Q, Once all investigations have been concluded will the details of the perpetrators and any motive be released?


Advertisement