Railwayscene message - possible hack

Status
Not open for further replies.

LE Greys

Established Member
Joined
6 Mar 2010
Messages
5,389
Location
Hitchin
I used to be a member on Railwayscene, something I forgot all about until I received this message recently.

We are contacting all users as a matter of urgency after it emerged that www.railwayscene.co.uk was hacked. The hack took place in recent days with the hackers acquiring user names, email addresses, first names and passwords, and we were alerted to it at 0935, Friday 13 July 2012.

We have removed our forums and the ability to log in, and have reset all user passwords. It is unknown when this functionality will be returned, but an individual email will follow with instructions on resetting your password when we feel it is right to do so.

If you use your user name or email address anywhere with your password, please change them immediately.

For reference, your details are:
<deleted>

We would like to apologise unreservedly for this situation, and any stress or inconvenience it has caused. We take the safety of our users very seriously, and have alerted you at the earliest opportunity with all the information we know.

Yours sincerely

Rich Mackin
RailwayScene owner/administrator

Apologies if you receive this message twice.

I'm not sure if this is genuine or not, but I'm posting it as public information just in case it is. Whether it is or not, what would anyone reading this advise me to do? I'm definitely going to e-mail the administrator to ask him to cancel the account.
 

323235

Established Member
Joined
8 Dec 2007
Messages
2,076
Location
North East Cheshire
I too used to post there; however, I did not receive anything about this, possibly because I no longer use the email account I was registered with.

Thank you for alerting me to this.
 

michael769

Established Member
Joined
9 Oct 2005
Messages
2,006
I'm not sure if this is genuine or not, but I'm posting it as public information just in case it is. Whether it is or not, what would anyone reading this advise me to do?

I am very concerned that the email does not give any indication that the stolen passwords were salted and hashed, and you may wish to ask the admins to clarify if they were and, if not, why they failed to adequately secure them in accordance with commonly accepted best practice.

You should assume that someone with criminal intentions now has a copy of your login information including the plain text version of your password. As such if you use that password on other sites you should change your password on those sites as soon as possible, paying particular attention to any that use the same username or email address.

You should also be especially wary of double checking the sources of any emails you receive for the coming months, as the information may be used to make phishing type spam more convincing than it normally is. Do not click on any links in emails.
 

LE Greys

Established Member
Joined
6 Mar 2010
Messages
5,389
Location
Hitchin
I am very concerned that the email does not give any indication that the stolen passwords were salted and hashed, and you may wish to ask the admins to clarify if they were and, if not, why they failed to adequately secure them in accordance with commonly accepted best practice.

You should assume that someone with criminal intentions now has a copy of your login information including the plain text version of your password. As such if you use that password on other sites you should change your password on those sites as soon as possible, paying particular attention to any that use the same username or email address.

You should also be especially wary of double checking the sources of any emails you receive for the coming months, as the information may be used to make phishing type spam more convincing than it normally is. Do not click on any links in emails.

Thanks. I've already deleted the address I used for that site and changed over to another one - I tend to use individual passwords for different sites anyway. I'm going to follow your advice in a minute and make rather more sweeping changes.
 

michael769

Established Member
Joined
9 Oct 2005
Messages
2,006
Who stores plaintext passwords any more? :(

You would be surprised, there have been a few incidents recently that have resulted in lists of plain text usernames and passwords being leaked on the internet.

Thing is some organisations are still using back office systems that were written 10 or even 20 years ago, which were never designed to be accessed via the Internet and which lack modern security practice.

And sadly not all of my fellow software developers show a professional attitude to their work, so sometimes even modern systems fall short of current standards of best practice.
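
An illustration of the "salted and hashed" storage and the plaintext storage discussed in the posts above, added here as an example and not part of the thread or of any forum's actual code: it compares what a stolen user table reveals when passwords are kept as plaintext, as unsalted SHA-256, and as salted PBKDF2 records. The account names, passwords and iteration count are constructed assumptions for the example.

```python
import hashlib
import hmac
import os
from collections import defaultdict

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256; tune for your hardware


def hash_password(password: str) -> dict:
    """Build the stored record: a random per-user salt plus the slow, salted hash."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt.hex(), "hash": digest.hex()}


def verify_password(password: str, record: dict) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    salt = bytes.fromhex(record["salt"])
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(digest, bytes.fromhex(record["hash"]))


def users_sharing_a_value(column: dict) -> list:
    """Group usernames whose stored value is identical, as anyone holding the dump could."""
    groups = defaultdict(list)
    for user, value in column.items():
        groups[value].append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


# Constructed sample accounts (not real data): two users picked the same password.
ACCOUNTS = {"alice": "Mallard4468", "bob": "Mallard4468", "carol": "Deltic55"}

plaintext = dict(ACCOUNTS)  # the password column is the password itself
unsalted = {u: hashlib.sha256(p.encode()).hexdigest() for u, p in ACCOUNTS.items()}
salted = {u: hash_password(p) for u, p in ACCOUNTS.items()}
salted_column = {u: r["hash"] for u, r in salted.items()}

if __name__ == "__main__":
    print("plaintext column exposes:", plaintext["alice"])
    print("unsalted hashes, shared values:", users_sharing_a_value(unsalted))
    print("salted hashes, shared values:", users_sharing_a_value(salted_column))
    print("login still works:", verify_password("Mallard4468", salted["alice"]))
```

With unsalted hashes, identical passwords produce identical stored values, so password reuse between accounts is visible in the dump; the per-user salt removes that signal while login verification still works.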
 