Database Breach - An Update

[Netsplite]

In response to post #31699195. #31709590, #31710865 are all replies on the same post.

  Reveal hidden contents

  Quote

rickman wrote: If you are reading this Robin, know this: the community is supportive BECAUSE you share this stuff outright, clearly, and with incredible haste. If you treated us like Sony did in December of 2012, knowing the problem and denying it for two weeks or more, we'd probably be a lot less kind. There is also this to consider: You told us EXACTLY what, who, when, and how, as soon as you could, and in plain, simple terminology. I (and most likely about 10,000,000 others) appreciate a straightforward answer when there is an issue. But MOST IMPORTANTLY, you are kind and humble about it. If someone was mad at the employees of Nexus after your immaculate behavior, They are clearly not the kind of individual that we should be associated with as a user base. I personally love this site for a myriad of reasons, to explain it would take a ten+ page essay to enumerate all of the reasons why. To be clear though, the biggest reason, THE STAFF TREATS THE USER BASE LIKE PEOPLE. Despite there being 10,000,000 of us, we don't feel like faceless numbers. And that is because you seem to CARE. Don't stop doing that, and this awesome community will probably never devolve.

Thank you for being the best you can be.
Richard.

  Quote

JZSquared wrote: ^This sums up my feelings exactly. I couldn't have said it better myself.

  Quote

Lokie7 wrote: I second this, entirely. Well said.

^ +1

[zentari2238]

Hope to hell you stay away from that Authenticator carbage, or at least make it optional. Still remember the stuff I had to go through in order to get back in FF after my phone was stolen.

[SirNesta]

In response to post #31714675.

  Reveal hidden contents

  Quote

SirPhoenixBlood wrote: i think the site might be infected i got a redirect to a mailware site on a Fresh boot pc that was rebooted a day ago (full reinstall of windows) so i know i dont got any virus or mailwear on my end but the site it self keeps sending me to some site caiming that my firefox needs to be updated when i just installed a New firefox fully updated

I think your PC already got a malware :/ The site is completely safe and i never had any abusive redirection or that kind of stuff.
Try to scan your pc with your antivirus and malwarebytes for exemples.

I'm french so... sorry for my bad english ^^
Edited December 9, 2015 by SirNesta

[rambojambo21]

Got an email from amazon today requesting I change my password as my login details from another site were leaked online, so I assume that was this leak.

[rambojambo21]

In response to post #31714675. #31724210 is also a reply to the same post.

  Reveal hidden contents

  Quote

SirPhoenixBlood wrote: i think the site might be infected i got a redirect to a mailware site on a Fresh boot pc that was rebooted a day ago (full reinstall of windows) so i know i dont got any virus or mailwear on my end but the site it self keeps sending me to some site caiming that my firefox needs to be updated when i just installed a New firefox fully updated

  Quote

SirNesta wrote: I think your PC already got a malware :/ The site is completely safe and i never had any abusive redirection or that kind of stuff.
Try to scan your pc with your antivirus and malwarebytes for exemples.

I'm french so... sorry for my bad english ^^

Use Chrome

[ZedLeppelin]

In response to post #31724440. #31726500 is also a reply to the same post.

  Reveal hidden contents

  Quote

rambojambo21 wrote: Got an email from amazon today requesting I change my password as my login details from another site were leaked online, so I assume that was this leak.

  Quote

YourMemorial wrote: This really sounds like phishing indeed

Are you absolutely certain that the email was truly from Amazon? What you may also have gotten was a phishing email from someone looking to get your Amazon password from you. The timing may just be conveniently (to the phisher) coincidental, and utterly unrelated to this site's breach.

As a matter of fact, it sounds very phishy to me, in that how exactly would/should Amazon know your Nexus site details were leaked? Furthermore, as said in the above article, the account info acquired in the breach was very minimal, and thus should have no impact on your Amazon account's security, unless you do the unthinkable: use one password for all sites.

If you updated your Amazon details via a link in the email you got, I'd recommend you go to Amazon.com by typing it in your address bar and then reset your password again. You can never, ever be too careful regarding your account security at sites you've given credit card info to. Oh, and if you can't log in to Amazon with either the old or new password, then you got phished and someone has taken control of your Amazon acct. Good luck! Edited December 9, 2015 by ZedLeppelin

[ZedLeppelin]

In response to post #31714675. #31724210, #31725155 are all replies on the same post.

  Reveal hidden contents

  Quote

SirPhoenixBlood wrote: i think the site might be infected i got a redirect to a mailware site on a Fresh boot pc that was rebooted a day ago (full reinstall of windows) so i know i dont got any virus or mailwear on my end but the site it self keeps sending me to some site caiming that my firefox needs to be updated when i just installed a New firefox fully updated

  Quote

SirNesta wrote: I think your PC already got a malware :/ The site is completely safe and i never had any abusive redirection or that kind of stuff.
Try to scan your pc with your antivirus and malwarebytes for exemples.

I'm french so... sorry for my bad english ^^

  Quote

rambojambo21 wrote: Use Chrome

You say a fresh windows reinstall, but that begs the question... Did you format your drive before the reinstall? If not, any virus/malware that was on your PC prior to the install, could still be there. Also, I've been using the Nexus mods site since 2011, and can tell you I've never gotten malware or a virus from this site. Not saying it can't happen, but pointing out that this is a pretty well run and maintained site. But then, I don't click banner ads. If a banner add interests me, I google whatever the ad is about and get to the content that way. Banner ads aren't under the control of the site usually, so they cannot guarantee a banner ad's legitimacy. And as the other poster commented, try run a virus scan, and if you don't have it, download Malwarebytes (you can git it from download'dot'com) and run that as well. In any case, you definitely have a browser hijacker of some sort on your PC. Good luck!

[YourMemorial]

In response to post #31724440. #31725625 is also a reply to the same post.

  Reveal hidden contents

  Quote

rambojambo21 wrote: Got an email from amazon today requesting I change my password as my login details from another site were leaked online, so I assume that was this leak.

  Quote

ZedLeppelin wrote: Are you absolutely certain that the email was truly from Amazon? What you may also have gotten was a phishing email from someone looking to get your Amazon password from you. The timing may just be conveniently (to the phisher) coincidental, and utterly unrelated to this site's recent breach.

As a matter of fact, it sounds very phishy to me, in that how exactly would/should Amazon know your Nexus site details were leaked? Furthermore, as said in the above article, the account info acquired in the breach was very minimal, and thus should have no impact on your Amazon account's security, unless you do the unthinkable: use one password for all sites.

If you updated your Amazon details via a link in the email you got, I'd recommend you go to Amazon.com by typing it in your address bar and then reset your password again. You can never, ever be too careful regarding your account security at sites you've given credit card info to. Oh, and if you can't log in to Amazon with either the old or new password, then you got phished and someone has taken control of your Amazon acct. Good luck!

This really sounds like phishing indeed

[Deleted1225146User]

I tried to change my password multiple times but when I submit the new password, it sends me to a login form while I'm stilled logged in and doesn't let me change the password.

 

I'm also redirected between secure and unsecure connections and those don't share the session cookie so I end up being logged out.

 

I don't have this problem with any other site but this one so I'm gonna assume that you have more problems than "just" a stolen database.

[ZedLeppelin]

In response to post #31715540. #31717135 is also a reply to the same post.

  Reveal hidden contents

  Quote

a1021 wrote: So how can I delete my account now in a way that my data is completely removed from your databases? I can't find a way and I'd like to know how long you keep my data around.
You have users with inactive mail adresses. Do you ever clean your database, like delete inactive accounts? You can't possibly have millions of active users. Having so many adresses of course makes you a target.
Man, and I had wondered about all those recent spam mails I kept getting.
This is really the last straw for me, I don't wanna use your site anymore please. And if you moderate away this post I'll be really angry. I hope you realize you have a bad reputation already.

  Quote

Netsplite wrote: If you have gotten recent spam mails from a hack that occurred in 2013 you probably have a different issue.

Yeah, a1021, you're not likely getting spam emails from a minor data breach that occurred in 2013. Possible, yes. Likely, not really. Chances are, some site you recently registered with, sold your data and now you're getting spam.

And I call BS on your assertion that this site, or those who run it, "...have a bad reputation already." There are always going to be disgruntled peeps, some folks are just naturally that way, but overall, I've seen nothing but positivity from Nexus users in regards to this site.