|
|
|
|---|---|
| -LOCKED - Recent Maintenance | |
|
Posted on 2023-03-17 10:48:40
Apologies for the recent maintenance we have had to issue, but unfortunately we noticed some suspicious activity from our admin's account, Katze. On investigation, we deduced that her account had been compromised, and we immediately put the site into maintenance mode while we explored further. We believe only Katze's account and one moderator account was affected. This was caused by someone managing to pass a script into a modbox ticket which, when viewed, would send data to this script, including session data, enabling the attacker to hijack the user's session. We have patched this vulnerability, as well as reviewed other areas of the site to ensure no other areas were affected. We have logs of everything that was viewed or attempted to be accessed. We had found that messages had been sent from Katze's account, those have been deleted, and there was nothing compromising in them so if you received one of these messages there's nothing to worry about. We have no reason to believe that anyone's personal data was affected or retrieved in any way. Additionally, Lioden does not store any payment information, as all payment processing is handled by Paypal. However, in spite of this, as a precaution we have forced a password change for all users on the site. It is best practice to make sure you use a unique password for each site you have a login on. This way, if another site you use suffers a data breach, and you don't use the same password on that site as you do on another, then your accounts on other websites remain safe. We recommend using a password manager to create and store unique passwords for every site and service you use. For now: we are bringing the site back up and things should continue as normal. Katze's account being affected means that a majority of news posts have been deleted and are currently in the process of being recovered. They should be restored soon.  1615 players like this post! Like? |
|
Report
|
RatKing Max 🇦🇺 (#288964)
View Forum Posts  Posted on 2023-03-17 13:17:54 |
Hopefully everything is okay. I'm so sorry this happened to you guys:( 0 players like this post! Like? |
|
Axloga (#90914)
Monster Slayer View Forum Posts Posted on 2023-03-17 13:18:54 |
Why are you forcing us to change the password without warning? Now I have lost access to my side, thank you  0 players like this post! Like? |
|
Jaerosebud (#300568)
Maneater View Forum Posts Posted on 2023-03-17 13:19:07 |
|
🌌 (#138563)
Impeccable View Forum Posts Posted on 2023-03-17 13:20:37 |
I don't do much of anything on this site community wise, other than answer questions because I forget everything I used to know - or essentially know nothing cause I do just the basics of stuff LOL But sorry that this happened and glad you got it sorted! It seems that this is a thing that's been going on quite a lot. 0 players like this post! Like? |
|
Thalath {Side} (#43831)
Holy View Forum Posts Posted on 2023-03-17 13:20:45 |
"Just saying, none of the other businesses would even admit something like that happened to not cause the panic over passwords/stolen data, for safety of their users." That has nothing to do with "protecting the safety of their users". It's to save face. Sites will not admit they were compromised to save face. See Neopets' infamous "our site has NEVER been hacked" excuse they always used, when Neopets had absolutely been compromised many, many times. Most businesses never want to admit they were compromised, instead pinning the blame on the end user for "not protecting their account" when in reality their entire user database had been stolen and there's nothing a normal user can really do. As Michael said, being transparent about this is better. If they aren't, rumors and panic will spread. This was strictly an exploit in the Modbox and nowhere else. They are talking about this BECAUSE it's not an issue for most users and players shouldn't have to panic over it. 1 player likes this post! Like?Edited on 17/03/23 @ 13:22:44 by Thalath {Side} (#43831) |
|
Panda (#208725)
Interstellar View Forum Posts Posted on 2023-03-17 13:23:15 |
Wow people suck, imagine hacking a lion game, embarrassing for them fr 0 players like this post! Like? |
|
🌘Wolf🌒 (#208732)
Heavenly View Forum Posts Posted on 2023-03-17 13:25:18 |
|
Riften | G1 Gon Clone Ennedi (#121270) 
View Forum Posts Posted on 2023-03-17 13:27:15 |
@axloga email them, they’ll be able to assist you from there. Passwords were forced to be reset site wide, im sure it’s not just you who is unfortunately experiencing this. 0 players like this post! Like?Edited on 17/03/23 @ 13:27:55 by Riften |G2 Ferus| 20x Vit (#121270) |
|
Sousuke/Ranmaru (#308901)
Aztec Knight View Forum Posts Posted on 2023-03-17 13:28:25 |
|
HuntressSkyfire[G5Fo ldedEars] (#144162) Prince of Terror View Forum Posts Posted on 2023-03-17 13:30:16 |
|
Olivia [G1|10xBO Vit] (#70128) Heavenly View Forum Posts Posted on 2023-03-17 13:32:18 |
I'm glad everything was sorted out! I got locked out of this account for a few hours due to losing access to the email over the years, but the Lioden support team is awesome and was able to help me gain access to it again 0 players like this post! Like? |
|
🥭MangoCrow🥭| they/them (#307131) View Forum Posts Posted on 2023-03-17 13:40:04 |
Thanks for all the work u do mods! Also screw that guy who decided to hack into the accounts that’s so rude 0 players like this post! Like? |
|
Squiggler - Taco Bell Bathroom (#278656) Heavenly View Forum Posts Posted on 2023-03-17 13:41:06 |
Oh god, i hope everyones okay! Thank you for fixing the issue as fast as you could, im sure everyone appreciates it! 0 players like this post! Like? |
|
Sanmara (#407535)
King of the Jungle View Forum Posts Posted on 2023-03-17 13:41:47 |
|
YellowComet (#261165)
View Forum Posts Posted on 2023-03-17 13:43:03 |
Topic is locked
Memory Used: 642.77 KB - Queries: 2 - Query Time: 0.00084 - Total Time: 0.00616s