Graal Forums  

  #1  
Old 05-10-2016, 03:23 AM
ffcmike ffcmike is offline
Banned
Join Date: Jul 2004
Location: London
Posts: 2,029
Staff Account Security Issues

Due to recent compromises of Graal's databases there appears to be a strategic effort to gain access to playerworld staff accounts, for example on Classic there has been unauthorised access to two staff accounts in the space of one week (fortunately no RC logins or damage caused).

I would suggest that all playerworlds:
  • Remove inactive (or pointless) staff from RC
  • Remove all but the latest IP range from each staff member
  • Request that all staff change their Graal password and use the client computer lock system
  • Request that all staff change their associated email address password (as it is known that some used this password for their support center account)

(if they haven't already)

Last edited by ffcmike; 05-10-2016 at 06:59 PM..
  #2  
Old 05-10-2016, 06:41 PM
Starfire2001 Starfire2001 is offline
Unholy Nation
Join Date: Dec 2010
Location: The streets.
Posts: 156
Gee, so this wasn't just a UN problem. Who would have guessed?

Also, for the record, the last UN staff member who got their account stolen claims he was using the client computer lock system, so I'm not sure if that's not working or what.
__________________
-Ph8
  #3  
Old 05-10-2016, 06:49 PM
ffcmike ffcmike is offline
Banned
Join Date: Jul 2004
Location: London
Posts: 2,029
Quote:
Originally Posted by Starfire2001
Gee, so this wasn't just a UN problem. Who would have guessed?
It could well be random hoardings of accounts, but even then the fact that remote control now only lists servers you are staff on makes it easy for the culprits to identify what servers they could potentially access.

Quote:
Originally Posted by Starfire2001
Also, for the record, the last UN staff member who got their account stolen claims he was using the client computer lock system, so I'm not sure if that's not working or what.
Is it known for certain that they didn't have the email address compromised?
  #4  
Old 05-10-2016, 06:56 PM
Starfire2001 Starfire2001 is offline
Unholy Nation
Join Date: Dec 2010
Location: The streets.
Posts: 156
Quote:
Originally Posted by ffcmike
Is it known for certain that they didn't have the email address compromised?
No, not known for certain. Assumed it was the db leak, but very possibly could have been email I suppose. He wasn't able to get his account restored, and I only got his story through someone who knew him, so can't ask now.
__________________
-Ph8
  #5  
Old 05-11-2016, 01:55 AM
Urahara112 Urahara112 is offline
Registered User
Join Date: Oct 2014
Posts: 60
It's crazy how people of this community have to take lead here to keep people and servers safe, rather than the actual "Graal Administrators" taking time to make these logical suggestions.
  #6  
Old 05-11-2016, 08:04 PM
MysticalDragon MysticalDragon is offline
Global Administration
Join Date: Oct 2002
Location: Lynn Ma
Posts: 883
Quote:
Originally Posted by ffcmike
Due to recent compromises of Graal's databases there appears to be a strategic effort to gain access to playerworld staff accounts, for example on Classic there has been unauthorised access to two staff accounts in the space of one week (fortunately no RC logins or damage caused).

I would suggest that all playerworlds:
  • Remove inactive (or pointless) staff from RC
  • Remove all but the latest IP range from each staff member
  • Request that all staff change their Graal password and use the client computer lock system
  • Request that all staff change their associated email address password (as it is known that some used this password for their support center account)

(if they haven't already)
Since his information is a little inaccurate, I'll correct the portion that is. Toonslab Support Database leak had nothing to do with accounts being compromised. The Toonslab Registered account list is separate from the player account. However when the database was leaked only the registered accounts (Not the passwords) and the email name used to register the account.
__________________
~Delteria Support
~Playerworld Support
~PWA Chief
http://support.toonslab.com
  #7  
Old 05-11-2016, 10:55 PM
fowlplay4 fowlplay4 is offline
team canada
Join Date: Jul 2004
Location: Canada
Posts: 5,200
Quote:
Originally Posted by Starfire2001
Gee, so this wasn't just a UN problem. Who would have guessed?

Also, for the record, the last UN staff member who got their account stolen claims he was using the client computer lock system, so I'm not sure if that's not working or what.
Their email being compromised usually goes hand in hand with their Graal account being compromised as well so that system is a bit useless since they could just approve the new computers.

It wasn't really announced but there is a system in place now that requires you to set up 2FA (Google Authenticator) in order to use RC and approve IP range additions which should prevent compromised active staff accounts from gaining access.

This was implemented after the whole UN ****-storm though.
  #8  
Old 05-12-2016, 02:06 AM
ffcmike ffcmike is offline
Banned
Join Date: Jul 2004
Location: London
Posts: 2,029
Quote:
Originally Posted by MysticalDragon
Since his information is a little inaccurate, I'll correct the portion that is. Toonslab Support Database leak had nothing to do with accounts being compromised. The Toonslab Registered account list is separate from the player account. However when the database was leaked only the registered accounts (Not the passwords) and the email name used to register the account.
Who said this is all down to the support center database?
  #9  
Old 05-12-2016, 09:47 AM
MysticalDragon MysticalDragon is offline
Global Administration
Join Date: Oct 2002
Location: Lynn Ma
Posts: 883
Quote:
Originally Posted by ffcmike
Who said this is all down to the support center database?
You said recent compromises of Graal's databases? Only database that was compromised was Toonslab. So I assumed that's what you were referring to.
__________________
~Delteria Support
~Playerworld Support
~PWA Chief
http://support.toonslab.com
  #10  
Old 05-12-2016, 12:48 PM
ffcmike ffcmike is offline
Banned
Join Date: Jul 2004
Location: London
Posts: 2,029
Quote:
Originally Posted by MysticalDragon
Only database that was compromised was toonslab.
I won't argue as I don't know any specific details, but I was under the impression that multiple databases were compromised, possibly one within the last week or so.
  #11  
Old 05-12-2016, 02:34 PM
Urahara112 Urahara112 is offline
Registered User
Join Date: Oct 2014
Posts: 60
Quote:
Originally Posted by MysticalDragon
You said recent compromises of Graal's databases? Only database that was compromised was Toonslab. So I assumed that's what you were referring to.
It's not good to make sudden assumptions
  #12  
Old 05-12-2016, 04:05 PM
MysticalDragon MysticalDragon is offline
Global Administration
Join Date: Oct 2002
Location: Lynn Ma
Posts: 883
Quote:
Originally Posted by Urahara112
It's not good to make sudden assumptions
I had the right to assume since that's the only database that got compromised.
__________________
~Delteria Support
~Playerworld Support
~PWA Chief
http://support.toonslab.com
  #13  
Old 05-13-2016, 09:42 PM
MKnance MKnance is offline
Registered User
Join Date: Aug 2003
Location: Dupo
Posts: 49
Honestly, what if the PWA's accounts have been compromised? Just sayin', it's possible; most of the globals are inactive these days, their accounts are probably easy targets by now.
  #14  
Old 05-14-2016, 06:39 AM
ffcmike ffcmike is offline
Banned
Join Date: Jul 2004
Location: London
Posts: 2,029
Quote:
Originally Posted by MKnance
Honestly, what if the PWA's accounts have been compromised? Just sayin', it's possible; most of the globals are inactive these days, their accounts are probably easy targets by now.
There are only 3 official global staff, and at least one other global staff whose existence hasn't been published.

It's a valid point though, it wasn't so long ago where a former higher-up account was compromised in an unpredictable capacity. Luckily the culprit had no malicious intentions.

Last edited by ffcmike; 05-14-2016 at 07:15 AM..
  #15  
Old 05-22-2016, 02:55 PM
ffcmike ffcmike is offline
Banned
Join Date: Jul 2004
Location: London
Posts: 2,029
Just discovered that a compromised account was disabled after the owner changed their password.

All times are GMT +2.