during you're migration

[Mastiff]

I have received numerous attempts at my emails since you have started you're migration from the web-site. I have a strict list of password to various websites I use; and the one password I use for this web-site was sent to me and there asking for bitcoin, Now I know all I have to do is ignore it. I just wanted to notify you that all the passwords for you're site may have been compromised. I also changed my email and nic.

I should clarify, the Store main page, not the forums.

 

Edited July 13, 2018 by 71st_Mastiff

[sburke]

I'll pass along, I don't think BF will see this here. One bit of info, BF does not store credit card info so risk should be low.

Edited July 13, 2018 by sburke

[A Canadian Cat]

Interesting, you should also know that the reason our accounts were not fully migrated over is likely because the old site did not store our passwords. That has been the state of the art in security for a long time now. Password test values are stored has salted hashes. That way if the database is compromised an attacker's cannot get plain text or even hashed password values. It is also why password reset features either send you a new random pw or takes you to a UI to set a new one - the site cannot tell you what your pw was.

So, if someone sent you your password in plain text you have bigger problems than one site. I would check for malware and key loggers on your end and then reset all your pws.

[Mastiff]

the good news is they where old passwords from 3 years ago. and found my old email is on the darkweb. so I been moving all my stuff to a new email and dropped that old one.