PDA

View Full Version : Unplanned Forum Maintenance & Rollback



Spiffy
September 11th, 2013, 09:20 PM
It has come to our attention this morning that the Trainz forums had been compromised by an exploit in the system.

As soon as we were alerted to this we shut down the forums and prevented external access to the admin controls and began an investigation into what was happening with the system.

As part of this exploit the attackers may have gained access to the admin backend of the system. This may have led to email addresses being visible.

Passwords were not compromised during this incident and are stored in an encrypted fashion. Planet Auran accounts were also unaffected.
Simulator Central was also not compromised in any way and is held on a totally separate system

We have removed the exploit in question from our systems and tightened up some other measures to help prevent further intrusions in the future.

As a necessity we have restored the forum backup from Saturday 7th September in order to guarantee that no malicious code was left behind from the attack. This has resulted in forum posts since the backup time on Saturday 7th September being removed from the forums.

We apologise for any inconvenience.