[SFDXA] RSGB IOTA Database breached
Bill
bmarx at bellsouth.net
Mon Sep 28 18:15:18 EDT 2015
From Tony N2MFT:
At 04:48 UTC on Sunday morning 27 September, an automatic bot gained
access to the IOTA website database and was able to exploit a bug in the
IOTA code in order to reset the password for every user on the site.
This is why you might not have been able to log into the site. There is
no sign in the system logs that any data was read or that personal data
was compromised. Once the IT team was aware of the issue, they
immediately took the database offline for analysis and corrected the
bug. User passwords are stored in a hashed format in the database, not
in plain text. In accordance with best practice, however, we'd like to
encourage all users of the IOTA website to change their passwords.
Additionally, if you have used your IOTA password on other websites, you
should change the passwords on those other sites also. If you have any
further questions or concerns, please contact iota.online at rsgb.org.uk
<mailto:iota.online at rsgb.org.uk>.
G3KMA, 28 Sep 2015
http://www.rsgbiota.org/
More information about the SFDXA
mailing list