has someone been hacked or something now? i thought i heard someone mentioning in region the other day that there ats account had been hacked and someone had somehow got there cd key 0.0
http://www.ryzom.com/forum/showthread.php?t=7907
security change?
Re: security change?
Found this on the web site...helbreat wrote:has someone been hacked or something now? i thought i heard someone mentioning in region the other day that there ats account had been hacked and someone had somehow got there cd key 0.0
http://www.ryzom.com/forum/showthread.php?t=7907
November 23, 2004
On the evening of Sunday, November 21st a malicious individual used a flaw in software that was used to run some of the old Ryzom forums in order to gain low-level access to the Ryzom web server. Less than an hour after the hack, the Nevrax engineers were made aware of the problem and immediately closed down the server as a precaution. Although no passwords are stored openly on this server, passwords are accessible to the forum software in an encrypted form in order to allow players to login. As a precaution to our customers, we strongly advise all players to change their passwords. This can be done by visiting https://secure.nevrax.com/payment_profile/.
The Ryzom web server that was attacked only manages the Ryzom web sites and forums. It is not connected to the game servers or to the billing and account system in any way. All billing information is held by a special third-party company. Consequently, there is absolutely no way that anyone could gain access to players' billing details from the Nevrax servers.
In the interest of security, the Nevrax engineers have kept an absolute minimum web service running while they have been analyzing the web server and installing and configuring a completely new replacement server. The engineers have now analyzed the contents of the web server's hard drive. They have been able to track down the software flaw that the individual exploited in order to gain access to the server. A new release of the software (PHPBB 2.0.11 released on November 18th) fixes the flaw and should be installed by any of you who are running forums with PHPBB. All necessary steps have been taken to prevent a similar attack in the future and the old Ryzom forums have now been removed.
We apologize for any inconvenience this event may have caused you, and wish to thank you all for the patience you afforded us while we took the time to be as thorough as possible.
-Your Ryzom Community Managers
Pheid, mektoub poop scooper of Comitatus Praetorian.
Re: security change?
No, there's not been a new incident. Just Nevrax has decided to change the profile passwords, because users are not able to do that themselves. Passwords should be changed once in a while for security reasons.
Re: security change?
Lawrence
Can you confirm that the email I got with my new 'secure password' was a genuine one?
Just to set my mind at rest before I use it.
Can you confirm that the email I got with my new 'secure password' was a genuine one?
Just to set my mind at rest before I use it.
Re: security change?
Ah never mind, found the answer already.
Teach me to read the forums before posting! lol
http://ryzom.com/forum/showthread.php?t=7907
Teach me to read the forums before posting! lol
http://ryzom.com/forum/showthread.php?t=7907