This discussion is now closed.
Check out other Related discussions
- Chevening Scholarship - Avoiding return to home country for 2 years
- Data breach
- Uk is a backwards aristocratic society
- Enhanced disclosure check for nursing degree
- Ethical Research Misconduct (continued discussion)
- Serious Misconduct Hearing
- Is it technically possible for this to happen in the future?
- Someone created
- My privacy has been completely invaded!!
- Post your biggest secret anonymously
- The London Clinic: Hospital where Kate treated responds after alleged privacy breach
- queen mary or st georges
- 2023 - Asylum decision maker recruitment
- Employer sueing employee
- Should TikTok get banned?
- Help (Cambridge)
- First speeding ticket
- 5 ways how AI is improving cloud computing
- Chevening Scholarship - Has someone not come back to your home country?
- Citi Graduate 2024
TSR security breach - what happened and what we're doing
Scroll to see replies
Original post by rmhumphries
Is this particularly relevant to the security breach though?
I don't the ins and outs, but it happened last time there was a security breach. Someone got hold of a password and accessed this site
Original post by Morgsie
I must say this but it gets rather confusing having so many different passwords
Have you seen https://lastpass.com/ ? You only remember one password, so you can make it super-brilliantly hard to crack, and then it remembers all your other passwords for you so that you don't have to. (Makes it possible - nay, easy - to use loads of different, very complicated passwords across different websites.)
Original post by Chrosson
Fair point.
TSR has no obligation to protect against stupidity. Get a grip.
TSR has no obligation to protect against stupidity. Get a grip.
The stupidity is the person revealing it so the sit can get hacked.
Original post by Chrosson
'We make it difficult for people to get access to the admin control panels'
Original post by Idle
Basically they will have limited who has access to the Admin Control Panel.
Original post by rmhumphries
Changing your password again could just mean that the attacker was able to take multiple database dumps as opposed to them being able to edit the server side files though.
Original post by EierVonSatan
It means that high level access to the more sensitive parts of the site, like the admin control panel have been further restricted.
So all the community staff have access to the Admin control panels?
Blimey, the Brighton office must have had a heart attack.
Original post by Morgsie
I don't the ins and outs, but it happened last time there was a security breach. Someone got hold of a password and accessed this site
I don't think that it was the case this time - however still, that is advice for the admin level as opposed to the users.
Original post by Morgsie
The stupidity is the person revealing it so the sit can get hacked.
I'm pretty sure there are more ways of getting hold of a password besides going to someone and asking them for it.
Original post by MMXIII
Don't know why hackers need to be hacking TSR during Exam period. We're under enough stress already.
Don't know why hackers need to be hacking TSR during Exam period. We're under enough stress already.LOL
Original post by Potally_Tissed
I'm pretty sure there are more ways of getting hold of a password besides going to someone and asking them for it.
I was on about the previous incident
A bit confused why we have to change our passwords for all our other things again if we already changed it yesterday night..I'm running out of passwords that I can remember lool
Original post by Morgsie
I was on about the previous incident
Even last time, was it confirmed that it is a privileged user divulging their password which caused the breach?
(edited 10 years ago)
Original post by CasualSoul
A bit confused why we have to change our passwords for all our other things again if we already changed it yesterday night..I'm running out of passwords that I can remember lool
I assume because when you changed it last night the hacker may still have been on the system.
Original post by rmhumphries
Even last time, was it confirmed that it is a privileged user divulging their password which caused the breach.
Wat. Where? Must have missed this...
Original post by CasualSoul
A bit confused why we have to change our passwords for all our other things again if we already changed it yesterday night..I'm running out of passwords that I can remember lool
I have a post on creating unique but memorable passwords here.
This is because the breach was only resolved recently so any password changes before that could still have been compromised.
Original post by rmhumphries
Even last time, was it confirmed that it is a privileged user divulging their password which caused the breach.
I doubt that. Where was this said?
Original post by Vikki1805
I assume because when you changed it last night the hacker may still have been on the system.
oh right
eugh I have to go and change them all again 
Original post by Chrosson
Wat. Where? Must have missed this...
Original post by Potally_Tissed
I doubt that. Where was this said?
Original post by anonymouspie227
so someone up there told someone else their password?
During the last security breach, then they said 'They accessed the site through a compromised privileged user account.'. Morgsie said 'The stupidity is the person revealing it so the sit can get hacked. ' in relation to last time - I am saying I am not sure a compromised account necessarily means someone revealing their password.
(edited 10 years ago)
Original post by Vikki1805
The hacker PM'd me saying
"Lets Skype?
"
We then continued to chat via private messaging, but I don't think he actually accessed anybody's Skype account, guessing that's just crossed wires!
"Lets Skype?
"We then continued to chat via private messaging, but I don't think he actually accessed anybody's Skype account, guessing that's just crossed wires!
The hacker has a affection for u
Original post by Vulpes
I have a post on creating unique but memorable passwords here.
This is because the breach was only resolved recently so any password changes before that could still have been compromised.
This is because the breach was only resolved recently so any password changes before that could still have been compromised.
I will take a look at that
Original post by rmhumphries
During the last security breach, then they said 'They accessed the site through a compromised privileged user account.'. Morgsie said 'The stupidity is the person revealing it so the sit can get hacked. ' in relation to last time - I am saying I am not sure a compromised account necessarily means someone revealing their password.
The account being compromised doesn't mean that someone was stupid and managed to give their password away
Original post by Freddy-Francis
The hacker has a affection for u
I did post screen snaps of some of the messages last night, although they had to be removed as weren't allowed to be posted.
Related discussions
- Chevening Scholarship - Avoiding return to home country for 2 years
- Data breach
- Uk is a backwards aristocratic society
- Enhanced disclosure check for nursing degree
- Ethical Research Misconduct (continued discussion)
- Serious Misconduct Hearing
- Is it technically possible for this to happen in the future?
- Someone created
- My privacy has been completely invaded!!
- Post your biggest secret anonymously
- The London Clinic: Hospital where Kate treated responds after alleged privacy breach
- queen mary or st georges
- 2023 - Asylum decision maker recruitment
- Employer sueing employee
- Should TikTok get banned?
- Help (Cambridge)
- First speeding ticket
- 5 ways how AI is improving cloud computing
- Chevening Scholarship - Has someone not come back to your home country?
- Citi Graduate 2024
Latest
Trending
Last reply 1 month ago
The Student Room Update: New Look, New Homepage and More!Trending
Last reply 1 month ago
The Student Room Update: New Look, New Homepage and More!
