Important Security Notice

[Celebdea]

Hiya guys,

 

Just caught this warning from you; better late than never, eh?

 

As a former security operative I'd just like to say kudos to you for the warning... pity you received what appears to be some negativity over this. So, THANK YOU VERY MUCH. Keep up the good work people.

 

With regards...

[metaphorset]

In response to post #76730058. #76736273, #76754668, #76762448 are all replies on the same post.

amadeuskun wrote: *uses the same password across every website* "I can't believe I got hacked" *blames The nexus for getting hacked*

Ppl who use one password for everything are playing with fire, just like people who use easy-to-guess passwords and PIN numbers.

Don't use any personally identifiable information in your passwords, bible verses, famous quotes, lucky numbers, easy-to-guess number combinations (12345, 77777, 6969, birthdays, SSNs, etc.) If someone can go on your social media page and write down everything they know about you and break the password, it wasn't a good password.

Saggaris wrote: What do you want, a badge?
Yet another know it all that thinks everyone should have the same grasp as he, let me tell you something, people are different and and MANY can't remember what they go to the toilet for... not everyone has the same outlook as you.
Of the 20 million folks here a good number of them wouldn't understand what the hell you were talking about, they might not have spacebook, facetube or even read the bible.
You're preaching to those that already understand and others that ain't listening and don't care.
I've used the site for 15 years and I still know nothing.

Ethreon wrote: Sorry to break your bubble but if you are on a modding site. You should more knowledgeable than the average user. So yes, if you use the same password everywhere it's your own damn fault.

Saggaris wrote: Wrong...
working in the mental health industry for a decade gives you a different outlook on peoples understanding and their desires, they are in many cases at very different levels.

Now, I say if you have 20 million peoples details, details that you demand when they join, it should be up to you to keep those safe, not each and everyone that you enticed in.

@Saggaris - the badge is yours. This stuff isn't exactly breaking news. In this day and age ignorance is a choice. You chose ignorance and you seem to carry it quite proudly.

[Saggaris]

In response to post #76730058. #76736273, #76754668, #76762448, #76779138 are all replies on the same post.

amadeuskun wrote: *uses the same password across every website* "I can't believe I got hacked" *blames The nexus for getting hacked*

Ppl who use one password for everything are playing with fire, just like people who use easy-to-guess passwords and PIN numbers.

Don't use any personally identifiable information in your passwords, bible verses, famous quotes, lucky numbers, easy-to-guess number combinations (12345, 77777, 6969, birthdays, SSNs, etc.) If someone can go on your social media page and write down everything they know about you and break the password, it wasn't a good password.

Saggaris wrote: What do you want, a badge?
Yet another know it all that thinks everyone should have the same grasp as he, let me tell you something, people are different and and MANY can't remember what they go to the toilet for... not everyone has the same outlook as you.
Of the 20 million folks here a good number of them wouldn't understand what the hell you were talking about, they might not have spacebook, facetube or even read the bible.
You're preaching to those that already understand and others that ain't listening and don't care.
I've used the site for 15 years and I still know nothing.

Ethreon wrote: Sorry to break your bubble but if you are on a modding site. You should more knowledgeable than the average user. So yes, if you use the same password everywhere it's your own damn fault.

Saggaris wrote: Wrong...
working in the mental health industry for a decade gives you a different outlook on peoples understanding and their desires, they are in many cases at very different levels.

Now, I say if you have 20 million peoples details, details that you demand when they join, it should be up to you to keep those safe, not each and everyone that you enticed in.

metaphorset wrote: @Saggaris - the badge is yours. This stuff isn't exactly breaking news. In this day and age ignorance is a choice. You chose ignorance and you seem to carry it quite proudly.

Nope, you're the ignorant one that wishes to assume a level ability playing field, you obviously don't mix with folks with different abilities, after all it's down to the hedgehog to learn when to cross the road isn't it?

[Regnier1919]

My Avast told me it had safely aborted a connection to Skyrimgems.com because it was infected with HTML:script-inf(susp) Could someone clarify have I downloaded an infected file from Nexus or is this something else?

[Regnier1919]

In response to post #76653803.

Saggaris wrote: As we're talking security here I figured I'd ask... Am I supposed to get...

HTML:Scrips-inf [susp] when I visit Skyrim pages?

Avast stopped it so I took a screenshot and checked it out, didn't sound too good.
or is it something my end?

I had the same issue. Would also like some clarity if anyone with knowledge could help.

[Saggaris]

In response to post #76653803. #76810728 is also a reply to the same post.

Saggaris wrote: As we're talking security here I figured I'd ask... Am I supposed to get...

HTML:Scrips-inf [susp] when I visit Skyrim pages?

Avast stopped it so I took a screenshot and checked it out, didn't sound too good.
or is it something my end?

Regnier1919 wrote: I had the same issue. Would also like some clarity if anyone with knowledge could help.

I've PM'd you.

[aragas11]

"Always use unique and strong passwords of at least 12 characters for each service you use." Longer passwords don't guarantee security though. Edited January 24, 2020 by aragas11

[CommandantShepard]

In response to post #76730058. #76736273, #76754668, #76762448, #76779138, #76782503 are all replies on the same post.

amadeuskun wrote: *uses the same password across every website* "I can't believe I got hacked" *blames The nexus for getting hacked*

Ppl who use one password for everything are playing with fire, just like people who use easy-to-guess passwords and PIN numbers.

Don't use any personally identifiable information in your passwords, bible verses, famous quotes, lucky numbers, easy-to-guess number combinations (12345, 77777, 6969, birthdays, SSNs, etc.) If someone can go on your social media page and write down everything they know about you and break the password, it wasn't a good password.

Saggaris wrote: What do you want, a badge?
Yet another know it all that thinks everyone should have the same grasp as he, let me tell you something, people are different and and MANY can't remember what they go to the toilet for... not everyone has the same outlook as you.
Of the 20 million folks here a good number of them wouldn't understand what the hell you were talking about, they might not have spacebook, facetube or even read the bible.
You're preaching to those that already understand and others that ain't listening and don't care.
I've used the site for 15 years and I still know nothing.

Ethreon wrote: Sorry to break your bubble but if you are on a modding site. You should more knowledgeable than the average user. So yes, if you use the same password everywhere it's your own damn fault.

Saggaris wrote: Wrong...
working in the mental health industry for a decade gives you a different outlook on peoples understanding and their desires, they are in many cases at very different levels.

Now, I say if you have 20 million peoples details, details that you demand when they join, it should be up to you to keep those safe, not each and everyone that you enticed in.

metaphorset wrote: @Saggaris - the badge is yours. This stuff isn't exactly breaking news. In this day and age ignorance is a choice. You chose ignorance and you seem to carry it quite proudly.

Saggaris wrote: Nope, you're the ignorant one that wishes to assume a level ability playing field, you obviously don't mix with folks with different abilities, after all it's down to the hedgehog to learn when to cross the road isn't it?

@Saggaris You are correct that it is on the website to protect their (your) data to the highest possible standard. However, ultimately it is a user's responsibility to manage their own personal online security. I don't expect everyone to understand this and am well aware they don't as I work in Software Support, however a user refusing or unwilling to learn more about this does not make it any less true. Not defending NexusMods or this breach in any way, just stating a general fact.

I also think posting what you did and the way you did it is completely unnecessary, as @amadeuskun wasn't specifically bashing anyone but in fact was sharing information that could potentially help someone in a situation of having bad passwords.

[CommandantShepard]

In response to post #76838433.

aragas11 wrote: "Always use unique and strong passwords of at least 12 characters for each service you use." Longer passwords don't guarantee security though.

It's the unique and strong passwords part of this statement that really matters. Of course longer passwords will help, but ultimately having many complicated and unique passwords will potentially stop you from getting other accounts hacked. The best security guarantee is to not use any services, anything else is a compromise.

[iFgrin]

In response to post #76084473.

hard8 wrote: I thought it was Dell's Optimize Your PC scanning program that had missed up my sign in with this site yesterday, I switched internet providers a few weeks ago, and it be normal for the site to be nervous about my new ip address and provider service!..

Good luck with Dell friend.
Was a good company. At some point they Purchased Alienware, and between the two, they have very interesting suites of software that are useful and fun for gamers.

AND after having purchasing TWO fairly high end rigs, one for Me & one for the GF for last Years Christmas [all brand name parts, upgraded ALL parts from the Basic parts listed on the Advertised Rigs] ... After waiting 3+ weeks on an RMA for a 1080i card to even be able to use one of them - I watched them BOTH Self-Deconstruct right in front of My eyes - due to BAD PARTS manufactured in China. I've got a $5500.00 graveyard of computer parts in the Media room. I walked away from both of them. I was not about to go thru the scale of RMA Hell, on the unbelievable amt of parts that failed on these machines.

So ... I thought OK. Pre-Built but from a local outlet. There is a Best Buy an hour or so from Me. Uh-huh. Bought a nicely boxed R7 and a 13" Alienware R3 with an OLED screen.

So - Why this long, drawn out diatribe hard8 - it's not YOU. Don't blame Yourself.

After 3 month r so - The R7 freaked out - made the weirdest sounds I ever heard and went into the deadest of dead BOSDs I've ever seen. The MOBO fried with bang!. NO Bios key reboot/recovery of any kind possible. Took out the GTX 1080 & the 2TB HDD, but that's all she wrote on that piece of junk.

Here's what I'm getting to - I struggled with Dells Optimize and Dells Support Assistant and suspected them from the start as 'Bad Actors.' I have UNINSTALLED those features on My R3, tracking down every file left on the machine best I could with REVO and personally going through all my C drive folders for any Dell Anything. Afterward I ran MS Update, and I'll be darned if MS didn't replace a number of files and drivers ... naming them Dell OEM ... but when I looked at the 'Manufacturer' of the driver or file...it's MS.

I'm not advising You to do anything like that. But I am backing you up on Your intuition that something might be up with Dells Automatic
Optimization and the other Similar software they have like that.

Take it for what it's worth to You, but as far as I'm concerned, with issues like CVE, and with pretty much all of our computer parts, routers, Mobos, etc., manufactured in China - if China's gonna be shaky a player in this [OR Whoever - this NOT A CHINA! CHINA! CHINA! Post] - it's hard for Me to blame Any of Our Nexus brothers and sisters for doing things wrong - blaming either themselves or others, including the Nexus staff. Non-of Us wanted any of this.

How can You get anything right if the equipment and the system is rigged?
Edited February 3, 2020 by iFgrin