VB user credentials now a plaything for hackers

Second Summer

Second Summer

Administrator
Staff member
Joined
Apr 26, 2012
Reaction score
9,028
Location
Oxfordshire, UK
Lifestyle
  1. Vegan
This morning I received an email from VerticalScope, the current owners of VeggieBoards, which says:
On June 13, 2016, we became aware that February 2016 data stolen from VerticalScope was being made available online.
Click to expand...
OK, so it only took them a month and a half to warn the members about this after they discovered it. M-hm. And these are the user details that have been made freely available on the Internet:
Community member usernames, email addresses, hashed passwords, community userIDS, community website, and the IP address the username originally registered with.
Click to expand...

So just a heads up, if you've used your VB username/email and password combination anywhere else, it would be a very good idea to change it a.s.a.p!

(Oh, and don't tell me I didn't warn you about that place!)
 
  • Like
Reactions: KLS52
shyvas said:
I can't even remember my pw on VB as it's been years since I posted over there.:(
Click to expand...
I couldn't remember mine either, but I have the same email address, so I clicked the "I forgot my password" option. (Which I had to hunt for a bit before I found it.)
 
Sorry, can't help but comment a bit more!

What We Are Doing
We have invalidated passwords of all VerticalScope user accounts.
Click to expand...
Good ...
We have implemented stronger password rules (passwords now require a minimum of 10+ characters and a mixture of upper- and lower-case letters, numbers and symbols) along with automated account password expiries to encourage more frequent password changes. We will remind our users to use good password practices (not using the same password for multiple online accounts and using unique strong passwords).
Click to expand...
Let's face it, hackers generally don't care about breaking into regular members' message board accounts. (The admin's account or someone else with elevated privileges would be more interesting to them.) What hackers want are the user details for all users which are stored in the database. They don't generally get access to this by hacking a message board account, certainly not a non-admin's account.

All in all, these measures do little to help security, though they do a lot for increasing members' frustration levels.
 
Last edited:
I haven't been there in years either, but I do tend to use the same few passwords. I guess I'll have to go see which one I was using, what a pain in the butt.

eta: Darn, it's the one I use the most, including on here.
 
Last edited:
Not to hijack this thread, but VB has become a very thinly disguised advertising platform.

That in and of itself doesn't bother me. It's the intrusiveness of the ads that I don't appreciate.

This site will post ads within a thread and right after a posted picture. There is no reprise from the aggressiveness of the ad placements.
 
I've only come across one news magazine site that blocks you unless you turn it off, and DeviantArt will partially block the page. I turn it off on DA for as long as I can stand to since I have an account and use their site, but all of their ads are video ads, and you can only take the constant motion for so long when you're trying to look at or read other things.

I will sometimes leave it off for small sites that rely on the ad revenue.
 

Similar threads

Second Summer
Announcement Big news - a new era begins soon!
Replies
161
Views
19K
Announcements/News
Tom L.
T
Second Summer
The new VB rules
Replies
21
Views
4K
Lounge
Poppy
Poppy
Top Bottom