Town of Salem Game Forums

[flossiebell]

So our payment information is safe, right? All we have to do is change our Town of Salem password? All of this is making me very nervous...

[Achilles]

We never saw an email from dehashed. We looked at our email account, and saw nothing from them.

Really? I mean, really?

I'm sorry that this all happened and wasn't responded to quickly enough but people were on vacation spending time with their families (and his emails went to our spam filter).

This dev team's damage control is about as good as their security.

There's two different timelines here that you guys are mixing up. When it was first mentioned, they saw no emails; ergo, they never saw the email. The emails were only seen last night after really digging for it, and it was found to be in the spam folder; I mean... how often do you check your spam folder? I check mine maybe twice a month... if that.

The timeline is this:
1. Called by a sketchy private number that wouldn't speak over voice and only via email, claiming U GOT HAXED! (man, if I had a dollar for every email that said I got hacked... I'd be rich).
2. Doesn't get an email (didn't check spam, obviously). Chalked it up to yet another scammer try to extort money.
3. Breach is publicized.
4. Scrutinizing the email inbox, they find them tucked away in spam. (I personally confirmed that pwn and dehashed by default both went to my junk folder. I use hotmail, they use gmail).
5. Now they are aware of the legitimacy of the breach.

This is what I'm gathering the timetable to be, feel free to correct me Blake/Josh/Brandon if this is incorrect.

Yeah exactly what happened. In hindsight definitely wish I had checked the spam folder and regret how everything turned out.

[Alicitzen]

But is my money and all that safe?

Even the slightest bit of looking at what got out would tell you.

[shapesifter13]

We are working to send emails out to all the users affected currently.

[Varanus]

Also every time I navigate to a new page my browser tries to download a .swf file from this site

What the fuck

Embedded youtube video in Dash's sig

[TurdPile]

Also every time I navigate to a new page my browser tries to download a .swf file from this site

What the fuck

Yeah a particular browser tries to download a youtube video from someone's signature.

EDIT: Apparently Dash's

[Alicitzen]

It's been a week since thus event occurred and I've yet to receive an email from BlankMediaGames informing me that my data is compromised.

What's up guys?

They only just learned about the breach overnight and are investigating it and preparing for an email. There have been developer updates throughout the thread that have stated this exact information.

Cool. I should have received an email last night.

I just heard that my password was compromised from this website just half an hour ago by someone banned from this website.

ohhh noooo the amount of characters in your password got leeeaaakkkeeddd what ever are yooouuu to dooooooo
oh wait even with that there like shit all that can be done with it you would actually need to worry about

And this dash person should change their signature to something that doesn't download files to peoples computers?

use a better browser

[TurdPile]

And this dash person should change their signature to something that doesn't download files to peoples computers?

It's not a signature issue, its an issue with your browser not wanting to play youtube videos for whatever reason. Guessing your browser isn't up to date.

[S0me0ne23]

And this dash person should change their signature to something that doesn't download files to peoples computers?

dash is jord btw

[Alicitzen]

And this dash person should change their signature to something that doesn't download files to peoples computers?

Yeah totally my fault for using the YouTube tag 4Head

@turdpile
why isnt 4Head in the emotes yanked from twitch

[TurdPile]

And this dash person should change their signature to something that doesn't download files to peoples computers?

Yeah totally my fault for using the YouTube tag 4Head

@turdpile
why isnt 4Head in the emotes yanked from twitch

Funny enough, I was thinking the same thing

[lalasex]

LMAO why this gets attacked? Like those spambots and NOW THIS


probs because this game have worst community ever tbh

[YFYDB]

oki guys.
I have a question related to the stolen data.

If i have purchased something, what kind of data do the hackers have? What exactly? What is my bank-number (anyhow it's called), that is just the number, that you need to pay me, but nothing more; the report of the payment; the easy way how to get into my bank account?

[ICECLIMBERS]

what a quality thread

[YFYDB]

Ooff, it's a good news.

But... Well then, i am a paranoic. Okey, they have exact info about my account inside the game. Activity info if i remember the name well. So, is it possible, that if a player played several hundreds of games, they might analize the data against hacked player and use the info from analyse to blackmail?


Well, it makes sense. You might have revealed some mental diseases while playing, but no one cared, and now hackers put it all together, and blackmail you by your e-mail (spam emails).

[Varanus]

I guess factory resetting is one way of making sure your browser is updated

[ICECLIMBERS]

Most users ever online was 9984 on Wed Jan 02, 2019 3:39 pm

ok then

so when you send the email to everybody informing them of this (NUDGE) can you not include a link to this i don't want to die under heavy traffic

[LevinSnakesRise]

Ooff, it's a good news.

But... Well then, i am a paranoic. Okey, they have exact info about my account inside the game. Activity info if i remember the name well. So, is it possible, that if a player played several hundreds of games, they might analize the data against hacked player and use the info from analyse to blackmail?


Well, it makes sense. You might have revealed some mental diseases while playing, but no one cared, and now hackers put it all together, and blackmail you by your e-mail (spam emails).

I doubt that the amount of games you have, TP, MP, etc would be of any value to anyone.

[ICECLIMBERS]

Most users ever online was 9984 on Wed Jan 02, 2019 3:39 pm

ok then

so when you send the email to everybody informing them of this (NUDGE) can you not include a link to this i don't want to die under heavy traffic

OK nevermind, I don't see a notification in game so ???

[LevinSnakesRise]

Most users ever online was 9984 on Wed Jan 02, 2019 3:39 pm

ok then

so when you send the email to everybody informing them of this (NUDGE) can you not include a link to this i don't want to die under heavy traffic

OK nevermind, I don't see a notification in game so ???

I'm assuming DDoS is taking place, as cloudflare protection kicked in.

Unless they're pooling everyone's emails together to send out mass emails, and it triggered the protection. Doubtful, but an even more reasonable explanation would be everyone accessing it at once.

[JamesD28]

⚠ Not secure | blankmediagames.com/phpbb/index.php

Has the site always been not secure or is it getting pwned again?
I swear I remember this place normally having a certificate

[flossiebell]

All payments go through PayPal so it's not like they know any of that stuff unless they conveniently decide to hack PayPal

What if we pay through Apple? Will our Apple information be safe as well?

[maggieryan27]

So what can someone do with my IP, I know it has my location and stuff but is there any way I can protect it without a VPN?

[LevinSnakesRise]

So what can someone do with my IP, I know it has my location and stuff but is there any way I can protect it without a VPN?

Depends on if you have a static IP or not. If you unplug your modem and wait a few minutes, then you can check and see if your IP has been changed. If so, then you don't really need to do anything otherwise to change it.

You also can use proxies, but I wouldn't rely on them. and they don't offer what VPNs do.

[Flavorable]

So what can someone do with my IP, I know it has my location and stuff but is there any way I can protect it without a VPN?

People can't do anything with your IP, except technically use your pc for a DDos attack if you have extremely lax router/modem security. Most ISPs use dynamic IP-addresses nowadays anyway, so if you don't feel secure, try contacting them and asking them how to reset your IP.