- Joined
- Jun 18, 2002
- Messages
- 28,344
Yes, it appears a couple of users (including someone with admin forum access) have had their accounts compromised through hacks on other places - where they use the same email / password combo. We highly recommend everyone enable two factor authentication which will prevent access even if your account is kompromat.Maybe someone is trying emails/password combos from pwned lists?
Don't reuse passwords people.
This is a good thing though because it saves me from having to ban half the forum and delete accounts after a mole hunt. Can you imagine the drama behind that?
Also, it only looks like they grabbed about 14 threads and some page indexes from the admin forum. Though truthfully, I haven't been through the full logs yet. Once I have, I should be able to list all compromised accounts, and track down who logged in and out of what. Then take appropriate action.
But phew, good thing it's this and not a bunch of legitimate users that I'd have to nuke from high orbit.