Apologies for the recent maintenance we have had to issue, but unfortunately we noticed some suspicious activity from our admin's account, Katze. On investigation, we deduced that her account had been compromised, and we immediately put the site into maintenance mode while we explored further.

We believe only Katze's account and one moderator account was affected. This was caused by someone managing to pass a script into a modbox ticket which, when viewed, would send data to this script, including session data, enabling the attacker to hijack the user's session. We have patched this vulnerability, as well as reviewed other areas of the site to ensure no other areas were affected. We have logs of everything that was viewed or attempted to be accessed.

We had found that messages had been sent from Katze's account, those have been deleted, and there was nothing compromising in them so if you received one of these messages there's nothing to worry about.

We have no reason to believe that anyone's personal data was affected or retrieved in any way. Additionally, Lioden does not store any payment information, as all payment processing is handled by Paypal.

However, in spite of this, as a precaution we have forced a password change for all users on the site. It is best practice to make sure you use a unique password for each site you have a login on. This way, if another site you use suffers a data breach, and you don't use the same password on that site as you do on another, then your accounts on other websites remain safe.

We recommend using a password manager to create and store unique passwords for every site and service you use. For now: we are bringing the site back up and things should continue as normal.

Katze's account being affected means that a majority of news posts have been deleted and are currently in the process of being recovered.  They should be restored soon.