Pagina 1 di 1

RSGB IOTA WEBSITE BREACH

MessaggioInviato: 2 ottobre 2015, 22:30
da IK0ZCW
At 04:48 UTC on 27 September, an automatic bot gained access to the IOTA website database and was able to exploit a bug in the IOTA code in order to reset the password for every user on the site. This is why you might not have been able to log into the site. There is no sign in the system logs that any data was read or that personal data was compromised. Once the IT team was aware of the issue, they immediately took the database offline for analysis and corrected the bug. User passwords are stored in a hashed format in the database, not in plain text. In accordance with best practice, however, we'd like to encourage all users of the IOTA website to change their passwords. Additionally, if you have used your IOTA password on other websites, you should change the passwords on those other sites also. If you have any further questions or concerns, please contact iota.online[@]rsgb.org.uk.
[TNX G3KMA]