Fellow Boards Members,
Today, Thursday 21 Jan 2009 at 11:20 GMT the Boards.ie database was attacked by a source external to Ireland. This triggered our security response policy and as a result we are sending you this warning email.
In this attack, part of the database which includes our members usernames, email addresses and obfuscated passwords was accessed. While our investigations indicate that individual user accounts are not in danger we have taken the step of changing all user passwords.
We also recommend that if you used the same username/email and password on other sites that you change your password there too as a precaution.
What happened:
This morning our database server was accessed by an unauthorised source.
We discovered this intrusion and took the site offline.
As a precaution We contacted the Gardaí, the Data Protection Commissioner and an independent security consultancy.
We have followed the advice we have received on how to proceed.
Like all large sites we are regularly the target for disruption and take continual actions to proactively protect your data. This particular attack was completely unprecedented despite our rigorous security measures and while we have no idea if this data will be used for any malicious reasons, we felt it vital to tell you this immediately.
What you need to know and do:
If you use the same password on Boards as you do on other services, you should change it on those other services to be safe. Boards passwords are NOT stored in plain text, they are obscured with the standard vBulletin "Hash". While this provides strong protection, we have altered all passwords on Boards as a precaution and suggest you take this time to allter other similar passwords.
If you are a subscriber, please be assured, we do NOT store credit card details or any payment details on our servers. Nothing of that nature is held on our site and as a result such data was not compromised.
We apologise for this inconvenience. We do not want to over stress the problem, however we felt the situation requires full disclosure.
Tom Murphy.
