PARAGLIDINGFORUM.COM

Use this to ask questions about the website, report problems and make suggestions.

Moderator: Club Moderators

Post Reply
User avatar
GlennP
Regular
Posts: 863
Joined: Fri Dec 12, 2008 11:21 am
Location: NE England

PARAGLIDINGFORUM.COM

Post by GlennP »

Looks like it's been hacked by the Russians. A password change is recommended on your email addresses.

Wednesday 31 March, 2009-03-31
Dear Paragliding Forum Users


As those of you who have tried to use the forum and Leonardo in the last couple of days will know, we have been the victims of a serious hack. Without being too technical, a previously not advertized security flaw in phpbb was exploited.

We have no idea who the perpetrator was other than that they used a Ukraine IP address and a gmail e-mail account. This means very little. We also do not know the reason for the attack, but strongly suspect the target was our database, and the passwords, usernames and email addresses contained within. Although we are not sure, we strongly suspect that the hacker had full access to our database. We must assume that passwords, usernames and email addresses are held by someone outside the paraglidingforum.com team and could be used maliciously.

The most important action required by all users is to
CHANGE YOUR PASSWORD IMMEDIATELY ON ALL OTHER SITES if you use the same password.
This particularly important if you have the same username/password combination also.

All users of the site will be mailed a new password in the next couple of days (GUS is working hard on this now, along with increasing security). Manolis is working hard on restoring the site and we will have is back up as soon as we are confident that we can defend against another attack of this nature.

The only positive news in this episode is that there is no, or very minimal, loss of content from both Leanardo and paraglidingforum.com. Once the site is restored it will contain posts up until 0300 on 27.03.2009, just before the attack. Concering Leonardo, all flights submitted will be back online

As a non-professional organisation, working on a volunteer basis, it will take us some time. Nevertheless, we would like to apologise to all users for any problems this breach may cause. It has acted as a good clear kick up our own backsides to remember that there are some nasty people out there and all sites and users of the ‘net are potential victims.
You are only as good as your last flight........
Post Reply