Jump to content
Forums Gone... but not forgotten!

Tired of these Ads? Register Today!

Pontiac of the Month

gscherer78ta's 1978 Trans Am

2019 February
of the Month

  • Welcome to Forever Pontiac

    We are a community of Pontiac enthusiasts. The purpose of our community is to keep alive the Pontiac spirit by sharing (or showing off) our cars, discussing Pontiac, helping each other work on our cars and find information, plus attend various meets/shows/etc... To aid discussion, sharing, event planning and selling of parts/cars/anything, we have various parts of the website to aid this from Forums to an online Garage to Classifieds to even a Document Download Repository. You can find links to these in our navigation above based on what each section helps with (discussion, local events, learning, etc...).

    We invite you to contribute, find help or just view some of our member's amazing cars! Don't forget, we also have great contests from time to time (like our Pontiac of the Month and yearly calendar contest) and our Pontiac This OR That, a fun game where you choose the best of two randomly selected Pontiacs from our online garage.

    We look forward to seeing you around!

Ringo64

Back up

Recommended Posts

Sorry about that guys. We were unfortunately hacked last night and I am still recovering us from the fall out. No user's personal information was accessed during this breach in our file system. Right now, the main forums are up and I will update this topic as other items come back online.



Items online:


- Forums


- Gallery


- Chat


- Calendar


- Overall Core System


- Garage This OR That


- Garage


- Shoutbox


- Point System


- Subscriptions


- General Contact Form



Everything at this point in time is working, please let us know if you have any issues!



Thanks for your patience!


Share this post


Link to post
Share on other sites

Tired of these Ads? Register Today!

seriously?


Share this post


Link to post
Share on other sites

seriously?

I mean.. I could just blame it on you if you like? :lol:

Share this post


Link to post
Share on other sites

well...you can. but dont forget my accomplice (did i spell it correctly?).


Share this post


Link to post
Share on other sites

So for us IT geeks out here, what was the nature of the hack/breach? I assume that we have a third-party commercial server/administrator that provides the website home site/space/middleware/etc. So I am going to assume that more than just FP were breached by this.



Since I spent a lot of time in computer operations (nearly 30 years), here are some hard questions I recommend you ask of our service/security providers are:



1. What is the nature of the breach/hack?


2. What was the root cause that allowed them to get in the first place? Why did it occur in the first place?


3. What information was accessed during the breach?


4. Who's information is at risk and what are you (the service provider) going to do about it?


5. What is the permanent corrective action to fix this exploit and prevent it from happening again?


6. What process changes are going to made to prevent future exploits (like this) from ever occurring again ? (timely patching, training, better security software, firewalls, etc.)



Ringo - I'd be happy to consult with you on this, based on the responses you get. This smells like a lack of due diligence on our service provider's part in one or more areas. Its time to be a hard ass on these guys because this is a very serious matter. You and they have to take this extremely seriously and they have to take serious corrective actions both short term and long term.


Share this post


Link to post
Share on other sites

Thanks, Frosty. As you said this is a very serious matter and we are ensuring everything in our, our host's and our software vendor's power are going to be taken care of or we are going to be moving.



As I said, no personal information was accessed. I can ensure this already (not that we are storing tons of sensitive data but even hashed passwords and email addresses I consider personal information). Our file server was the only thing that was breached, which for those not familiar, do not house your data :) I do not like to discuss the nature of the exploit in public but if anyone is concerned I can certainly put your mind to rest.



With our host, we have made a lot of preventative measures, with the help of all of vendors, we will continue to make sure we are not vulnerable to any further attacks. Something I do want to say is that our software vendor (Invision Power Services) and our host has been great through this whole endeavor. IPS has been searching to make sure it was not a security exploit in their code and our host is making ample suggestions and implementing everything we are asking. Overall this is not the worst thing that has happened (could have been a lot worse) but it has certainly opened our eyes.


Share this post


Link to post
Share on other sites

Dude, when I logged on, I mildly freaked out and bailed ASAP, worried I would get hit....thank God for LifeLock. Sucks though, I am glad we are up and running.


Share this post


Link to post
Share on other sites

are PMs part of that breached file system? cuz there may have been some sensitive info there.


Share this post


Link to post
Share on other sites

are PMs part of that breached file system? cuz there may have been some sensitive info there.

Nope, everything data wise, from posts to PMs to user information is stored in the database. That was untouched.

Share this post


Link to post
Share on other sites

This is only the beginning...



skynet.jpg


Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


Tired of these Ads? Purchase Enhanced Membership today to remove them!
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.