Hi all,
Wanted to share an update with you all following some concerning behavior from a particular user who claimed data was being stolen and there had been a breach in the N4G profile system.
The dev team has been working tirelessly through the night and this morning to rectify any issues caused by the user, and we now believe there has not been a data breach as such, but rather a compromise in the system that allowed the individual to exploit and post update messages. Although the user was banned by Chris and the team there is a delay in closing the user active session so they were able to continue to post spam comments.
We will be looking to rectify this issue.
What have we done
We have deleted all of the offending accounts that had the ability to modify the stories - and as mentioned re-evaluating the entire security of the site to ensure this doesn't happen again. Looking forward we will be looking to implement Single Sign On which will further enhance the security measures.
It's a real shame that this sort of stuff happens, as it puts the entire community as well as the hard-working team behind the site, under huge pressure. We would ask that all of us keep an eye on the site and flag if anything is suspicious so our teams can action right away.
Your feedback is listened to
We have also had a number of concerns raised about the ads on the site. The site is supported by advertising from the community - this allows us to continue to run N4G. We have introduced N4G Rewards as ultimately we want to reduce the number of ads on site, but until this develops, the ads need to be on the site to ensure it's supported. We are hugely grateful for the loyal community that comes back each day and we're confident in our plans for 2024 that N4G will be in an even better place.
ACTION
For now, to be on the safe side and despite the fact we have resolved the issue, we would recommend changing your password for N4G. Our team is monitoring everything closely and will let you know if there is further guidance.
Once again, thank you for not only your support of the site but your vigilance against those who unfortunately want to damage and harm the thriving community that resides here.
Thank you,
Andrew and the team, BGFG
Arrowhead Game Studios CEO Johan Pilestedt explains how the studio name comes from a name translation, plus the background on the game title “Helldivers.”
TSA writes: Visit Neo-San Francisco in Read Only Memories: Neurodiver, a wonderfully realised sci-fi setting that will leave you wanting more.
"SEGA are today very happy and excited to announce that "Demon Slayer -Kimetsu no Yaiba- Sweep the Board!", the latest official game of the Demon Slayer: Kimetsu no Yaiba anime, will be launching for PlayStation®5, PlayStation®4, Xbox Series X|S, Xbox One, and Steam in North America and Europe on July 16, 2024." - SEGA.
More communication than the Sony hack of 2011. Thanks for the work guys.
I received a PM last night from the person, and they were claiming to be a "soon to be former employee". They said their purpose was to call out BGFG's lack of proper encryption of passwords, putting all of its users at risk.
The weird thing is though, after the site went down last night, those PMs were completely scrubbed from my mailbox, as if they never existed.
They were responding to a comment I had dropped on Christopher's post about this.
I'd never hear of resetera until this hack, so it dids it job hahaha
I’m sure there are no risks but yes changing passwords is always a good idea after unexpected behaviour.
Thanks for the update 👍
There has been some goofiness with the site header covering the profile dropdown for a while now making it hard to sign in or check notifications. Looks like it may be fixed, but I won't know for sure until I need to sign in again or get a notification. What's the best way to bring up issues like this?
Also, it seems like we get signed out after 3 or 4 days without being on the site on a certain device. Is there any chance that could be extended? It wasn't really a problem before when it was just the sign in, but then captcha was added and I often have to go through multiple picture match things to get signed in and it's pretty annoying.