Bitcointalk.org hacked - change passwords and security questions

[Inkie Squid]

Sorry if this is a duplication, I searched but couldn't find another relevant post.

 

I just received an email from Bitcoitalk.org notifying me of a successful hack of their servers. The attacker walked away with password, email address, IP address, Secret question and answer as well as other info. While the password and secret question / answer info was encrypted, it's apparently not very strong encryption and so this should be changed on the website as well as everywhere else that the same info might have been used.

 

Here's the email in full that they sent:

 

 

 

You are receiving this message because your email address is associated
with an account on bitcointalk.org. I regret to have to inform you that
some information about your account was obtained by an attacker who
successfully compromised the bitcointalk.org server. The following
information about your account was likely leaked:
 - Email address
 - Password hash
 - Last-used IP address and registration IP address
 - Secret question and a basic (not brute-force-resistant) hash of your
 secret answer
 - Various settings

You should immediately change your forum password and delete or change
your secret question. To do this, log into the forum, click "profile",
and then go to "account related settings".

If you used the same password on bitcointalk.org as on other sites, then
you should also immediately change your password on those other sites.
Also, if you had a secret question set, then you should assume that the
attacker now knows the answer to your secret question.

Your password was salted and hashed using sha256crypt with 7500 rounds.
This will slow down anyone trying to recover your password, but it will
not completely prevent it unless your password was extremely strong.

While nothing can ever be ruled out in these sorts of situations, I do
not believe that the attacker was able to collect any forum personal
messages.

 

[DIV1D3]

Yeh, never really did anything with Bitcoin or crypto in general, but I still have an account. Now I have to change my password for almost every fkin account, including LTTF... 

~.~

[Inkie Squid]

Yeh, never really did anything with Bitcoin or crypto in general, but I still have an account. Now I have to change my password for almost every fkin account, including LTTF... 

~.~

same here - it's that damn security question that's annoyed me... it's hard to find one anyway that can't be answered with a google search because of facebook.

[DIV1D3]

same here - it's that damn security question that's annoyed me... it's hard to find one anyway that can't be answered with a google search because of facebook.

Eh, I never use those security questions. In the middle of changing my passwords to an older one.