On December 16, we have been made conscious that somebody had just lately gained unauthorized entry to a database from forum.ethereum.org. We instantly launched an intensive investigation to find out the origin, nature, and scope of this incident. Here’s what we all know:
- The data that was just lately accessed is a database backup from April 2016 and contained details about 16.5k discussion board customers.
- The leaked data consists of
- Messages, each private and non-private
- IP-addresses
- Username and e-mail addresses
- Profile data
- Hashed passwords
- ~13k bcrypt hashes (salted)
- ~1.5k WordPress-hashes (salted)
- ~2k accounts with out passwords (used federated login)
- The attacker self-disclosed that they’re the identical particular person/individuals who recently hacked Bo Shen.
- The attacker used social engineering to achieve entry to a cell phone quantity that allowed them to achieve entry to different accounts, one among which had entry to an previous database backup from the discussion board.
We’re taking the next steps:
- Discussion board customers whose data might have been compromised by the leak will likely be receiving an e-mail with further data.
- We now have closed the unauthorized entry factors concerned within the leak.
- We’re implementing stricter safety pointers internally equivalent to eradicating the restoration cellphone numbers from accounts and utilizing encryption for delicate information.
- We’re offering the e-mail addresses that we imagine have been leaked to https://haveibeenpwned.com, a service that helps talk with affected customers.
- We’re resetting all discussion board passwords, efficient instantly.
For those who have been affected by the assault we suggest you do the next:
- Be certain that your passwords should not reused between providers. If in case you have reused your discussion board.ethereum.org password elsewhere, change it in these locations.
Moreover, we suggest this excellent blog post by Kraken that gives helpful details about the best way to shield in opposition to a lot of these assaults.
We deeply remorse that this incident occurred and are working diligently internally, in addition to with exterior companions to deal with the incident.
Questions could be directed to security@ethereum.org.
