Domush Posted August 26, 2018 Share Posted August 26, 2018 Hello all, I'm an information security professional, and as a standard practice I use a custom email address for every website I register with. This enables me to trace which websites have either sold their email list to spammers or have been hacked. Given the fact my custom email address for this website just received numerous spam emails within seconds of each other, I'm going to assume this was not an authorized email blast, which means NexusMods.com has been hacked. While there is no way for me to determine, from my end, when this hack took place, there is no other means for this address to be leaked (it's very customized per site). If they don't know already (and haven't announced it), I'd advise the admin team to check their logs over the past few days for suspicious connections or site errors. The end result is the same, however. This website has been hacked and user details are at risk. Change your passwords now, as well as on any other websites which use the same credentials. I enjoy this website, and I hope this is an isolated case, but the fact remains if one person can extract the email list, others can. If the Nexus team has been slow on patching and updates, now is the time to catch up. Cheers Link to comment Share on other sites More sharing options...
Dark0ne Posted August 26, 2018 Share Posted August 26, 2018 https://www.nexusmods.com/news/12675 While your account is a few weeks ahead of the cut-off point we know of (from the dump we received from security experts at the time), it's likely it's a part of that breach. Link to comment Share on other sites More sharing options...
Domush Posted August 26, 2018 Author Share Posted August 26, 2018 I can confirm the address in question is from an account within that time period. The spam was not sent to the address linked to this [Domush] account, but an older, no-longer-used account. Thank you for the news link. Link to comment Share on other sites More sharing options...
Dark0ne Posted August 26, 2018 Share Posted August 26, 2018 Oh thank goodness for that!* And thank you very much for coming back and confirming it was on another, older, account that would have been within the time frame. PHEW! *Obviously not thank goodness we got hacked, but thank goodness we didn't have another breach/have to push the times back on the original breach Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now