Boards.ie Attack - What Happened? Please post all questions here.

As you are most likely aware, we had an unauthorised access of the site's database. As a result you will need to request your new password using our forgotten password system. You should obviously NOT change it back to your old password.

We also suggest that if you used your old password on other sites with the same username/email then you should change it there too.

This thread is to answer your questions; ideally people won’t use it to converse about side topics. If you keep it to direct questions I will try to answer them directly too.

I'm on stage all this week in the Boards Drama Group (No Drama)'s play so I wont be on until after 11pm this evening.

The order of events of the day are appended below.

DeV.

• 11:22 – Administrative account compromised
  
  
• 11:22 -> 11:34 – Administrative account used to insert malicious code into our software
  
  
• 11:34 – User table dumped to public directory and downloaded
  
  
• 11:36 – Unauthorized access spotted by technical team
  
  
• 11:37 – Unauthorized files quarantined
  
  
• 11:38 -> 11:50 – Investigating nature of access
  
  
• 11:50 – Web servers shut down, shifted to maintenance mode to prevent further access
  
  
• 12 noon – Team met to discuss our responses; as part of that we contacted IT Security specialist Brian Honan and communications specialist Damien Mulley. We took the following actions as our process specified and taking expert advice on board also.
  
  
• Extended investigation of breach, it's cause, and planning of solution.
  
  
• Initiated communications with the Garda Computer Crime Unit
  
  
• Contacted the Data Protection Commissioner to make them aware of events.
  
  
• Composed a Press Release and released it to relevant media.
  
  
• Contacted the Press Office of RTE.ie to organise/facilitate 6.1 News report to broaden the reach of our notice.
  
  
• Composed email to members and message for homepage to ensure facts were communicated clearly and openly
  
  
• 16:00 Published homepage message and started sending approximately 300,000 emails.
  
  
• Communicated with members via twitter and emailed queries
  
  
• Responded to media queries including RTE news, The Last Word on TodayFM, KCLR FM, Techcentral.ie, Sunday Business Post, Irish Daily Mail, Metro Herald.
  
  
• Communicated to member queries via Twitter and Email throughout the evening and all of today.