vBulletin.com / vBulletin.org Hacked

Discussion in 'vBulletin Discussions' started by BamaStangGuy, Nov 14, 2013.

  1. Dan Hutter

    Dan Hutter aka Big Dan

    Joined:
    Jul 20, 2006
    Messages:
    1,412
    Likes Received:
    515
    Location:
    New York
    A major developer gets hacked and the first news I see of it is from @Brandon on Twitter. All par for the course with IB. At least none of my major sites run vB though it would be nice to know what the issue is to patch clients.

    My passwords were unique all they can really do is use my licenses. Which hey more power to them.
     
    Big al likes this.
  2. digitalpoint

    digitalpoint Regular Member

    Joined:
    Jul 9, 2012
    Messages:
    193
    Likes Received:
    313
    Location:
    San Diego, California
    Looks like it *was* being discussed on vbulletin.com, but subsequently deleted.

    Whoever designed vBulletin 5's search system should probably do something else for a living. Because you can see deleted stuff in search results. :)

    upload_2013-11-15_9-4-51.png
     
    goblues, Alfa1, Big al and 3 others like this.
  3. GTB

    GTB Regular Member

    Joined:
    Jun 30, 2009
    Messages:
    1,791
    Likes Received:
    270
    So was vB.com and vB.org hacked or not?
     
  4. we_are_borg

    we_are_borg Regular Member

    Joined:
    May 8, 2013
    Messages:
    305
    Likes Received:
    168
    Location:
    Netherlands
    First Name:
    Jeroen
    Well their deleting topic about it and no communication so it might be true. :)
     
    GTB likes this.
  5. we_are_borg

    we_are_borg Regular Member

    Joined:
    May 8, 2013
    Messages:
    305
    Likes Received:
    168
    Location:
    Netherlands
    First Name:
    Jeroen
    Well is not the whole script one big disaster, you can fire them all that worked on vBulletin 5 but who will maintain it then.
     
  6. GTB

    GTB Regular Member

    Joined:
    Jun 30, 2009
    Messages:
    1,791
    Likes Received:
    270
    Well if it is true, nice of them to NOT inform customers their profile account information might be at risk.
     
    Big al likes this.
  7. Code Monkey

    Code Monkey Regular Member

    Joined:
    Apr 15, 2013
    Messages:
    230
    Likes Received:
    170
    We can't say we didn't see this coming.
     
    Big al likes this.
  8. Terry

    Terry Regular Member

    Joined:
    Oct 12, 2010
    Messages:
    112
    Likes Received:
    66
    I am sure once they see the inners of the data they will give it back ... I doubt anyone would want ownership of this script ....
     
    Big al likes this.
  9. signal500

    signal500 Regular Member

    Joined:
    Nov 5, 2012
    Messages:
    143
    Likes Received:
    114
    so, where have mark b and Paul m been?

    I figured they'd be here by now defending and trying to spin this some way.

    How long before they scrap the vBulletin 5 fiasco? Here it is over a year later, there is still no CMS, and there is only like 50 mods or so released at vbulletin.org. How they can't call this a complete failure is beyond me.
     
    Last edited: Nov 15, 2013
    Big al likes this.
  10. GTB

    GTB Regular Member

    Joined:
    Jun 30, 2009
    Messages:
    1,791
    Likes Received:
    270
    Marks probabley busy "talking to himself" on his forum.... :rolleyes:

    As for Paul M, he was giving the excuse on TAZ that the Test board was hacked instead, but forgot to mention they use a snap-shot of vB.com for it with users having same password accounts e.t.c
     
  11. Brandon

    Brandon Regular Member

    Joined:
    Jun 1, 2009
    Messages:
    6,602
    Likes Received:
    1,707
    Location:
    Topeka, Kansas
    First Name:
    Brandon
    Test board or not it's still on the vbulletin.com/.org servers?

    Maybe @Paul M could clarify for us here?
     
    Big al likes this.
  12. we_are_borg

    we_are_borg Regular Member

    Joined:
    May 8, 2013
    Messages:
    305
    Likes Received:
    168
    Location:
    Netherlands
    First Name:
    Jeroen
    Why would a company do just that if they can deny it, it did not happen and they lose no face in the mean time. If it comes out they use PR to fix it.

    There not going to scrape anything why would they, look how their talking they still think vBulletin 5 is still is better then anything else out there. Developers that make mistakes and manager that do not care and a CEO that has no clue what is needed in forum development.
     
    Big al and Autopilot like this.
  13. Big al

    Big al Regular Member

    Joined:
    May 14, 2013
    Messages:
    1,093
    Likes Received:
    415
    Location:
    OZ
    A possible explanation in a typical future scenario.

    Mark B /Paul M- "What do you mean we were hacked, VB died from natural causes.

    Upset customer.- " How can you excuse such incompetence and say it died from natural causes"?

    Mark B /Paul M.- "Well due to the complete failure of VB5 and the total incompetence of the support staff and management it is natural for it to have died. Now you are banned for asking, bye sucker."
     
    Autopilot likes this.
  14. MyDigitalpoint

    MyDigitalpoint Regular Member

    Joined:
    Jun 5, 2013
    Messages:
    114
    Likes Received:
    30
    Location:
    Virtual World
    I have been dealing with "empty message" errors not to mention that people is not logged in when it is.

    In the past ticking the checkbox was enough but now this trick doesn't work with the home page, all other show people logged in though.

    However the more I use vBulletin 5, the more problem I'm finding with the script.
     
    Autopilot and Big al like this.
  15. Big al

    Big al Regular Member

    Joined:
    May 14, 2013
    Messages:
    1,093
    Likes Received:
    415
    Location:
    OZ
    I think that those of us who stated earlier that VB5 was ill conceived and a total disaster are totally vindicated now.
     
    Autopilot likes this.
  16. signal500

    signal500 Regular Member

    Joined:
    Nov 5, 2012
    Messages:
    143
    Likes Received:
    114
  17. Paul M

    Paul M Dr Pepper Addict

    Joined:
    Jun 16, 2009
    Messages:
    449
    Likes Received:
    136
    Location:
    Nottingham, UK
    When I went away on holiday (about 4 weeks ago now) I had a lovely internet free week. No constant negativity, twisting of words, and general hassle. I decided that when I came back I'd not bother much (if at all) with this and a few other sites where the majority of posters only seem interested in how they can attack IB again.

    I made the mistake of breaking that decision yesterday [on TAZ], and already someone above has twisted what I said (I did not make an "excuse". I stated a fact about what server was hacked). I dont intend to make that mistake again so while I may read the comments, its unlikely I'll post again, unless I really feel a complete untruth should be corrected. No matter what I say (or indeed anyone else says), we all know what direction this thread will go, you can already see it happening above.
     
  18. Brandon

    Brandon Regular Member

    Joined:
    Jun 1, 2009
    Messages:
    6,602
    Likes Received:
    1,707
    Location:
    Topeka, Kansas
    First Name:
    Brandon
    Was it the on the same server vb.com prod is on?
     
  19. BamaStangGuy

    BamaStangGuy Administrator

    Joined:
    Jun 23, 2009
    Messages:
    769
    Likes Received:
    549
    Location:
    Huntsville, AL
    Maybe you should get your company to issue statements instead of having to rely on you to post on some admin site, which only left MORE QUESTIONS, yet to be answered, once you confirmed that data was compromised.

    You might be a nice guy for all I know but you are absolutely the [****][****][****][****]ing worst person in the world when it comes to common sense in handling public relations with people.

    Period. Hands down. It is mind boggling.
     
    GTB, Brandon, Autopilot and 1 other person like this.
  20. signal500

    signal500 Regular Member

    Joined:
    Nov 5, 2012
    Messages:
    143
    Likes Received:
    114
    I can't believe IB hasn't said anything on their company forums (yes I can) yet about the breach. It's clear a breach has occurred of the vBulletin systems, but what has been compromised is anyone's guess at this point.

    If it was just a Q&A server, it's been stated that those are populated with the information from the main vBulletin database. Which would mean, thousands of users emails, and passwords were compromised. Judging from the scheme of the DB table, it's possible more information was compromised as well.

    And it's the weekend, corporate IB takes weekends off, so don't expect any announcement soon for this embarrassment.
     
    Big al likes this.

Share This Page