phpBBModders.net

What, why, who??!?

Good God!

Just saw the message a few moments ago after coming home from work!
This is terrible, hope there's not too much damage done.
Anyone with news on the subject?

Back in a bit, have to have dinner and start changing passwords... just in case.

Downtime


(Update #2) On Sunday Dec. 14th, several of the web servers powering phpBB.com were compromised. Upon discovering the ongoing attack, we immediately took our network offline to perform a thorough investigation, which is continuing.

At this time, we would like to ask everyone to follow basic security protocol. If you were using your http://www.phpBB.com or area51.phpBB.com passwords anywhere else, please change them to unqiue ones.

Your personal phpBB Forums are NOT affected by the compromise of our servers.

We will be rebuilding our systems from the ground up and verifying the integrity of all data prior to coming back online. This process will likely take several days.

Further updates will be posted here when we have additional information.

If you need urgent assistance, please make use of the #phpbb IRC channel on Freenode. A web-based client is available at http://webchat.freenode.net.



- The phpBB Team


it's because of the stupid 3.1 update! they changed so many code and maybe left some "doors" opened by mistake! why they made an update so complex?!? 3.0.12 was simple and stable..

More like a mysql attack hence change your password (security protocol my ass) chances are if you look on the right site your find a list of user's emails and passwords this was a common thing back in the day of yahoo booter sites.

They got owned and lists were put up on certain sites for every one to see.

An attacker couldn't gain the passwords from a database attack because they aren't stored, only a hash of the password is.

voodoo for phpbb because of the 3.1 update )

Just as i said in my other post.

The attackers were able to obtain access to the phpBB.com and area51 databases

Nice reading (old post)

http://blog.sucuri.net/2013/09/security ... b-com.html

I bet it was that necofem (spell check) developers account he seemed dodgy

I don't know what's going on with the phpBB site and the Area51 development board? A major problem has initiated the security breach that the attackers were attempting to breach their security databases, and I need to prevent that from making a breach to our database of the phpBB site.

Remember that I'm a helper here and the phpBB forum.

why would you have a copy of the phpbb database? If you mean your own database of your own phpbb board then unless you are using the same username password for your database that you use to log in to phpbb you have nothing to worry about.
robert