Hey everyone, just wanted to give an update on the recent downtime.
Early in the afternoon on Monday, February 1st, a person gained access to an admins account. From there, they accessed the admin panel and made changes to the site that resulted in the page some users ended up seeing, as well as emailing a number of users with the same content.
As soon as this intrusion was noticed, the site was brought offline for investigation. At this time, we have no indication that the server was accessed in any way or that any user data was accessed. The vandalized content was reverted to one of our backups, and the compromised admin account had it's access revoked until we can ensure the account is no longer at risk.
As a reminder, we do not ever receive or store any payment data when it comes to our Premium users, and passwords are properly stored encrypted within our database.
However, just as a general precaution we'd advise everyone to update their password and also remind everyone that you should never use the same password on multiple websites or services
Edit: Some users have expressed concern over entering their password in the plain white login box just before the site came back up with a label of "Maintenance". This was a legitimate webserver login prompt, and does not use Smashboards logins to access it which is why attempting to login to it failed. There is no need to be worried if you entered your credentials there.
Early in the afternoon on Monday, February 1st, a person gained access to an admins account. From there, they accessed the admin panel and made changes to the site that resulted in the page some users ended up seeing, as well as emailing a number of users with the same content.
As soon as this intrusion was noticed, the site was brought offline for investigation. At this time, we have no indication that the server was accessed in any way or that any user data was accessed. The vandalized content was reverted to one of our backups, and the compromised admin account had it's access revoked until we can ensure the account is no longer at risk.
As a reminder, we do not ever receive or store any payment data when it comes to our Premium users, and passwords are properly stored encrypted within our database.
However, just as a general precaution we'd advise everyone to update their password and also remind everyone that you should never use the same password on multiple websites or services
Edit: Some users have expressed concern over entering their password in the plain white login box just before the site came back up with a label of "Maintenance". This was a legitimate webserver login prompt, and does not use Smashboards logins to access it which is why attempting to login to it failed. There is no need to be worried if you entered your credentials there.
Last edited: