Moderator Account Accessed By 3rd Party

[cluckmecoop7]

That looks like spam!

@Nifty-Chicken

 

[Nifty-Chicken]

It's not spam.

It probably has something to do with their browser cache.

 

[Kiki]

NOTE: From what we can see in the logs, NO USER INFORMATION WAS ACCESSED OR CHANGED!

---

Here's a high-level of what happened over the last hour:

• At 11:07 am PST, we saw some really odd stuff... a bunch of threads were "soft deleted" (basically, they won't show up for members, but they are still in the system).
• After some quick investigation, we discovered one of the moderator accounts was accessed by an unknown person who started to mass-delete threads.
• Our team QUICKLY moved into action and:
• Blocked the moderator's account
• Forced all other moderators' accounts to new passwords
• Started the process of "undeleting" the threads

Again, from what we can see in the logs, NO USER INFORMATION WAS ACCESSED OR CHANGED!

UPDATE: To clarify, moderators can NOT access Private Message conversations, passwords, etc.

We have limits on what our moderators can see / do, and fortunately those limits proved themselves very effective in this situation

Also, pretty much everything and anything a moderator does, can be completely undone by me

In the 15 years I've been running forums, this is the first time this has happened. That said, we're going to keep digging deeper into this to figure out what went wrong, and what needs to be done to prevent it in the future! For example, we will require all our moderators to use "2 factor authentication" moving forward. Usually this is only really important for Admins, but we want to add this additional layer for even more protection!

Thank you for everyone's patience as we worked through this, but a HUGE THANK YOU to our amazing team (especially @DuckLady) for such speedy response and help!

---

This is all a VERY good reminder to everyone:

1. Use a unique password for all sites... i.e., don't use the same password for multiple websites.
2. Use a password that is complex
3. Change-up your passwords from time to time

Have you found the hacker yet?

 

[Ascholten]

Yes,
His name is Herman Munster
he lives on 1313 MockingBird Ln.
its in the mockingbird heights subdivision
Chickenville, ID 13113

 

[The Moonshiner]

 

[cluckmecoop7]

Good job BYC team

 

[Jenn1018]

Thanks for posting this! I got a notification that was very rude with profanity. This explains it!

I did too!

 

[Marie2020]

Please no lol I need byc

I would be up to my neck in poop without BYC

 

[Marie2020]

I just enabled 2FA for my account. If you're concerned about the security of your account, it's available: https://www.backyardchickens.com/account/two-step/
You just need an app like Google Authenticator, that's what I use. It generates a code that must be entered in addition to the password.

Interesting, I didn't know that, thank you

 

[Marie2020]

This is exactly what I thought! Why, of all the forums on the internet, would anyone want to hack a chicken-keeping forum?
Even if someone was doing it for entertainment... why a chicken forum of all places? I find it to be pretty funny.

They are desperate too attack and anyone will do.

Maybe they work on a battery farm or something.