>
> This is Hugh, the founder of LibriVox, writing to let you know that,
> unfortunately, a hacker broke into the LibriVox forum, caused a bit of
> damage (now fixed), but more worryingly, got access to our complete
> database including emails and encrypted passwords. We have locked them out
> of the system, and we?ve fixed the vandalism, but they still have our
> database.
>
> So, in order to protect our users & the LibriVox accounts:
>
> * we have RESET ALL USER PASSWORDS (including yours)
> * the next time you login your password will be invalid
> * you will have to reset your password, using this link:
> http://forum.librivox.org/ucp.
>
> NOTE1: PLEASE DO NOT USE THE SAME PASSWORD YOU USED BEFORE!
>
> NOTE2: IF YOU USE THE SAME PASSWORD ON OTHER INTERNET SERVICES, WE
> RECOMMEND YOU CHANGE THOSE PASSWORDS TOO.
>
> If you have difficulty resetting your password, please reply to this email
> and ask for help. Be sure to include your forum username.
> LibrivoxPasswordReset@
>
> In the interests of full disclosure, here is some extra information:
> (1) The database contained every piece of communications sent through the
> forum, including all private messages. This information is now in the
> possession of the hacker.
>
> (2) All forum passwords in the database are encrypted. However, if your
> password was very simple, it will be trivial for the hacker to break the
> encryption using "brute-force" techniques. They will likely attempt exactly
> this, so if you use the same password on any other Internet service, you
> should immediately change your password at those services.
>
> We are very sorry that this happened, and once this is sorted out as best
> as it can be, we?ll be doing a more thorough security review.
>
> If you have questions, please don?t hesitate to contact me.
>
> Sincerely,
> Hugh McGuire
> Founder, Librivox
>
>
> --
> The LibriVox Team
No comments:
Post a Comment