Security Breach

In case you missed the announcement that is on the top of every forum page (for the next 4 weeks), here is the same text:

Because of a security breach, you will have to provide a new password for accessing the forums.
If, for whatever reason, you are not told to change your password when you try to login to the forums, please initiate this action yourself. Note that changing your password will only work, if you also provide a valid email address as you are send a mail with a verification link after changing your password. Make sure to check your spam folder as well if you don't receive the mail in your mailbox.

For the record, this is the link: https://www.rpgwatch.com/forums/prof…o=editpassword

If you are unable to change your password, contact us, so we can assist you.

Can you elaborate? Were old passwords stolen?

The issue was that a security issue resulted in someone to upload a PHP script. From that script it would potentially be possible to access configuration files and even access the RPGWatch database. As non-failing PHP actions are not logged, I cannot be sure if this did or did not happen, so I assume the worst and just want everyone to change their password.

This is a post in case anyone else faces the same problem I did. The change password link did not work for me after the login, and the page continually reloaded. You can just click on the login screen that you forgot your password and it will automatically be reset. You will get an email with a link and a new working password that you probably will want to change. This is more involved than being able to change your password directly through the link, but it worked for me.

The link doesn't work if you accessed it from the home page of RPGWatch. If you accessed it from the forums page it should work.

This link doesn't work:
https://www.rpgwatch.com/profile.php?do=editpassword

This one does:
https://www.rpgwatch.com/forums/prof…o=editpassword

Originally Posted by HiddenX
This link doesn't work:
https://www.rpgwatch.com/profile.php?do=editpassword

This one does:
https://www.rpgwatch.com/forums/prof…o=editpassword

Thanks HiddenX - that second link worked for me.

It's good to have the Watch back up and running.

One odd thing is when rpgwatch came up i received this email:

From:
DragonByte Security has detected that your account has been the subject of a breach on another site. We recommend you change your password and enable two-factor authentication to stop your account from being a target of further breaches.

Astropid (astropid.com) happened on December 19th, 2013, added to the system on 05:49, 6th Jul 2014
Battlefield Heroes (battlefieldheroes.com) happened on June 26th, 2011, added to the system on 15:10, 23rd Jan 2014
Forbes (forbes.com) happened on February 15th, 2014, added to the system on 13:24, 15th Feb 2014
Gawker (gawker.com) happened on December 11th, 2010, added to the system on 02:00, 4th Dec 2013
hackforums.net (hackforums.net) happened on June 25th, 2011, added to the system on 12:30, 11th May 2014
hemmelig.com (hemmelig.com) happened on December 21st, 2011, added to the system on 09:23, 25th Mar 2014
Lounge Board (loungeboard.net) happened on August 1st, 2013, added to the system on 12:22, 6th Jul 2014
Win7Vista Forum (win7vista.com) happened on September 3rd, 2013, added to the system on 12:01, 1st Jun 2014
--
the odd thing is i never had accounts on any of those websites….

I thought I disabled that, but apparently not.

Anyway, I believe it searches some known databases for user names and email addresses. Perhaps someone else has used the name 'you' on those sites.

Ok thanks that must be it since the email address is only a few months old.

Welcome back!

I got a mail like that… with different site, I don t have accounts on those except for one, but with a different password…

Did my duty. Changed my password. Thanks for the warning. Even though I almost never log in anymore. Don't have anything to contribute I'm afraid. But I still check the site for news - even if my backlog is HUGE.

Glad to see the Watch is up and running again. Even though that banner you see when RpgWatch is down is kinda cute. ;-)

IT'S ALIVE!!

I see a few days are missing from the forums. I think I know what happened here…

Took me quite a few tries to get back in, but all seems good now.

Originally Posted by HiddenX
This link doesn't work:
https://www.rpgwatch.com/profile.php?do=editpassword

This one does:
https://www.rpgwatch.com/forums/prof…o=editpassword

I also want to send this! The link it tries to recommend, after logging in is broken. And once you login you can't reach the forums either, as it keeps trying to tell you to go to the profile page. But the link is broken.

I found the correct link in the email I received with the new temp password. This could be very annoying for people, I think.

When I accessed the site via Chrome, it popped up the change password message but then it got into a loop and I wasn't able to update it. I had to come in via Internet Explorer. Not sure why that would happen, but I got in now. I hope they didn't leave any back doors to capture our password changes.

Glad you folks are still in operation.

Originally Posted by you
One odd thing is when rpgwatch came up i received this email:

From:
DragonByte Security has detected that your account has been the subject of a breach on another site. We recommend you change your password and enable two-factor authentication to stop your account from being a target of further breaches.

Astropid (astropid.com) happened on December 19th, 2013, added to the system on 05:49, 6th Jul 2014
Battlefield Heroes (battlefieldheroes.com) happened on June 26th, 2011, added to the system on 15:10, 23rd Jan 2014
Forbes (forbes.com) happened on February 15th, 2014, added to the system on 13:24, 15th Feb 2014
Gawker (gawker.com) happened on December 11th, 2010, added to the system on 02:00, 4th Dec 2013
hackforums.net (hackforums.net) happened on June 25th, 2011, added to the system on 12:30, 11th May 2014
hemmelig.com (hemmelig.com) happened on December 21st, 2011, added to the system on 09:23, 25th Mar 2014
Lounge Board (loungeboard.net) happened on August 1st, 2013, added to the system on 12:22, 6th Jul 2014
Win7Vista Forum (win7vista.com) happened on September 3rd, 2013, added to the system on 12:01, 1st Jun 2014
--
the odd thing is i never had accounts on any of those websites….

I got one too, in my spam folder…but I had accounts on all the thing listed. :/

You forced me to hang out at that cesspool for a few days, and now I feel dirty.

To prevent the problem with the incorrect link, I hardwired the link in the message that is send. It should now send everyone to the correct page, regardless if they are entering from rpgwatch.com or rpgwatch.com/forums.