Potential Database Breach

[Enyap]

 

In response to post #31617625.

 

 

 

Enyap wrote:

I went to change my password as recommended in announcement and noticed that my current e-mail address shown in User CP is not one I recognize. Like unless I registered on Nexus drunk out of my mind, I'm positive it's not my e-mail. More so the shown e-mail is from yahoo mail and when trying to log in to that yahoo says that this id is not taken yet. How can this be possible? Is my account possibly not mine anymore?

So, change it? You can easily change it, you just have to re-activate the account... Seeing as you posted, you must still have the correct password to do the change.

 

 

Im kinda reluctant to enter my legit e-mail if I'm not sure that it's nice and safe.

[Plzstandbuy]

In response to post #31608660. #31613755, #31614210 are all replies on the same post.

turoktony wrote: I always wondered why humans are such a destructive species. A bunch of people make a really cool thing, and suddenly some other people come along and do their best to ruin it for everyone...

FrostByghte wrote: With you here 100%.

RealmEleven wrote: I wouldn't give them that much credit.

Solipsism is destructive, yes, but people being too lazy to look beyond their own immediate gain is what I think gets us in trouble (and it's probably what makes westerners, in particular, such lousy Go players)

What do they have to gain by hacking a modding forum? There's much better targets to pick.

[SjoertJansen]

In response to post #31618445.

Enyap wrote:

 

In response to post #31617625.

Enyap wrote:

I went to change my password as recommended in announcement and noticed that my current e-mail address shown in User CP is not one I recognize. Like unless I registered on Nexus drunk out of my mind, I'm positive it's not my e-mail. More so the shown e-mail is from yahoo mail and when trying to log in to that yahoo says that this id is not taken yet. How can this be possible? Is my account possibly not mine anymore?

So, change it? You can easily change it, you just have to re-activate the account... Seeing as you posted, you must still have the correct password to do the change.

 

Im kinda reluctant to enter my legit e-mail if I'm not sure that it's nice and safe.

The email to activate the account will be send to the new email address.
But I can understand what you mean, but I wouldn't fear. I don't see how that would be a problem unless you use the same password for email and this website? You could change your password first, no emails will be sent (If you used the same for both email and nexus, change both! ) .
Unless you have a keylogger on your system, or someone listening in on your internet traffic, it should be completely safe. Safer, for sure, than having someone else's email, or as the strange email would suggest, someone else with your current password.

Joe Edited December 7, 2015 by SjoertJansen

[Zeeves]

It happened to Twitch, PSN, and Ebay; it's a wonder these lower-tier websites can even safely exist! In the meantime I suggest you all ignore any mod updates through NMM as they could potentially be a ruse to slip in some questionable .dlls :/

[thisischris84]

"I'm sorry for (potentially, at this point) breaking your trust in us. We'll continue working away at this to get a conclusive answer and, when we do, you'll be the first to know."

 

I've not been a member for long, but I don't feel like you broke my trust in you at all. It's not like you guys are waving signs around saying "PLZ HACK US!"

 

Like you said, if they want to get in, they'll eventually do it. You can only do so much.

 

Thanks for informing us!

[Eolath]

In response to post #31618445. #31618745 is also a reply to the same post.

Enyap wrote:

 

In response to post #31617625.

Enyap wrote:

I went to change my password as recommended in announcement and noticed that my current e-mail address shown in User CP is not one I recognize. Like unless I registered on Nexus drunk out of my mind, I'm positive it's not my e-mail. More so the shown e-mail is from yahoo mail and when trying to log in to that yahoo says that this id is not taken yet. How can this be possible? Is my account possibly not mine anymore?

So, change it? You can easily change it, you just have to re-activate the account... Seeing as you posted, you must still have the correct password to do the change.

 

Im kinda reluctant to enter my legit e-mail if I'm not sure that it's nice and safe.

SjoertJansen wrote: The email to activate the account will be send to the new email address.
But I can understand what you mean, but I wouldn't fear. I don't see how that would be a problem unless you use the same password for email and this website? You could change your password first, no emails will be sent (If you used the same for both email and nexus, change both! ) .
Unless you have a keylogger on your system, or someone listening in on your internet traffic, it should be completely safe. Safer, for sure, than having someone else's email, or as the strange email would suggest, someone else with your current password.

Joe

You shouldn't. It'll just add your email to the hackers database if there is indeed a breach. Don't change your email yet until we have confirmation that the breach is fixed.

[DJexs]

One data breach among years and years of great service. This is and always has been a quality site, this announcement just gives me more confidence that this is gonna be handled correctly. Because many companies (microsoft xbox comes to top of my head) don't always tell you when they have had a data breach with a big announcement like this, they try and hide it. The day and age we live in nowadays means its impossible to not be targeted at some point by some malicious douche. How that is handled makes all the difference.

[WightMage]

Hey all, this may of be use to you:

 

https://howsecureismypassword.net/

 

Experiment with new passwords that are easy to remember *and* include random numbers and symbols here to get a basic idea of how secure you are. However, as the helpful box just underneath states:

 

"This site could be stealing your password... it's not, but it easily could be.

Be careful where you type your password."

 

Enjoy!

[Gangir]

In response to post #31611950. #31612905, #31613765, #31614645, #31616115, #31616655, #31617020, #31617555 are all replies on the same post.

Trollenstein wrote: K, so I can't log into the forums and I don't know why. Login goes smoothly but it says "Sign in", and I'm signed into nexusmods.com obviously. No idea what's going on there.


There's no statement on whether or not all files are clean on the Nexus. Whether or not existing mods have been compromised. Whether or not the site is safe to use at all. That's a problem. I'm about ready to delete GBs of mod zips and rars, do a clean game install because of this issue alone, but I think I'm done using NMM and Nexusmods.com, likely indefinitely. Based on how the NMM software behaves, how it has been behaving, and how the "security firm" Nexusmods.com is paying $60,000 a year to keep the site safe let something go through is disconcerting. Virustotal is missing files as well, so that isn't even a legitimate way of saying "Hey guys, this mod is safe. No worries!" anymore.

I doubt more money will be coming as this news is bad regardless of your outlook on the future, so the security level may stay the same and it's already been broken through once, meaning there *will* be a 'next time'. If funding slows down then the security slips a bit more. Suddenly the site is no longer usable the moment people say "No thanks, I'll pass." en masse, and it looks like people are already saying that.




I'm not attempting to be a fearmongering hater. I like nexusmods and want to use mods. But based on how often I use this site and these mods, it's not worth it. I think I'm done and recommend others jump ship as well.. Purely because the site, without even considering any reduction of funding by users, is teetering on that edge of safe and unsafe. It's time to pack it up until the admins sort this s#*! out in a big way.


Like I said, gigabytes of data on my PC from this site have to be removed because of this problem, and the liability of things going south again is even higher because of this news. This is likely the last time I use the site.

akparkison wrote: Well I know I'm not paying for a premium membership any more since it obviously isn't helping the security of my account.

Thankfully I've only used NMM once for an Oblivion mod that required it. I always manually download and scan all my files myself. I don't trust their virus scanner.

Not even the password change page is secured. I didn't notice that till today. Not happy. I was almost hit with a virus when a few big Skyrim mods were hacked.

Glad I don't play Fallout. And all my passwords are strong and stored externally. I still changed mine here anyway and looks I'll spend the next couple of hours changing all my others.

RealmEleven wrote: One of the biggest problems of today's world is people making statements before they collect all the relevant facts.

I suggest patience ... and the use of an up to date virus scanner.

Netsplite wrote: Every site can be hacked with enough time be it human error or social engineering and them finding out and being open is actually a good thing which others rarely do.
Nexus has been always very open open in general and actually improving the site and the mod manager with the last few releases are a nice improvements.
It's not like they sit on their hands all day and security is normally an after thought but considering the impact a significant breach can have it's good they invest heavily in it.

Just because they might have an potential breach doesn't mean people should avoid it as we have no confirmation with only a few mods that had suspicious files.

STANSHOME wrote: You know hackers got onto the playstation network right. and I think they have way more money and personal then nexus does. So maybe you shouldn't get so uppity, or stop using the internet cause these things do happen.

Hutspot01 wrote: We're talking 3 affected mods and you're talking about removing GB's of mods and stopping using NMM.

How are you not fearmongering?

Just use plain old common sense. If a mod isn't an injector, it doesn't need a dll. And no mod needs an exe. Also, it's good practice in any case to always check a mod's (or mod-update's) files before installing. Not only because of crooks, but also because it makes sense to actually know what each mod affects file-wise.

krist2 wrote: @arkparkinson
Are you serious? There is no system that is totally safe for hacking, if someone with enough know-how and resources want to hack a place they will. Even the FBI have been hacked...

xybedout wrote: No need to wipe everything. If you are really worried, do not install any mod with DLLs and EXEs. Your gigabytes of textures will not break your puter. {facepalm}

I suggest you go a computer class before you go complete bonkers. But as you said, you ain't using this site that much. Guess your entire post is moot?

[TheBadgerUK]

A good example of clear and timely information with no obfuscation around how our passwords and bank/cc details are kept. The how and why will no doubt come to light after the forensic investigation takes place. If anyone out there is in a ITSO type role it may be worth passing this about the office to show communication with customers done correctly, as opposed to how Talk-Talk did it.

Regarding SSL, the organisation Let's Encrypt has just gone into public beta, so might be worth a look for folks out there looking to implement TLS/SSL without the cost.