NOTE: From what we can see in the logs, NO USER INFORMATION WAS ACCESSED OR CHANGED!
Here's a high-level of what happened over the last hour:
Again, from what we can see in the logs, NO USER INFORMATION WAS ACCESSED OR CHANGED!
- At 11:07 am PST, we saw some really odd stuff... a bunch of threads were "soft deleted" (basically, they won't show up for members, but they are still in the system).
- After some quick investigation, we discovered one of the moderator accounts was accessed by an unknown person who started to mass-delete threads.
- Our team QUICKLY moved into action and:
- Blocked the moderator's account
- Forced all other moderators' accounts to new passwords
- Started the process of "undeleting" the threads
UPDATE: To clarify, moderators can NOT access Private Message conversations, passwords, etc.
We have limits on what our moderators can see / do, and fortunately those limits proved themselves very effective in this situation
Also, pretty much everything and anything a moderator does, can be completely undone by me
In the 15 years I've been running forums, this is the first time this has happened. That said, we're going to keep digging deeper into this to figure out what went wrong, and what needs to be done to prevent it in the future! For example, we will require all our moderators to use "2 factor authentication" moving forward. Usually this is only really important for Admins, but we want to add this additional layer for even more protection!
Thank you for everyone's patience as we worked through this, but a HUGE THANK YOU to our amazing team (especially @DuckLady) for such speedy response and help!
Thanks for all you do. I did not receive any notifications, but I appreciate you taking care of this.
Just remember, the chicken may cross the road, but nobody crosses the chicken.
Specifically Backyard Chickens!
Could you restore it if you haven't already? I knew it wasn't a real mod because it said, "Reason: **** " 
