Latest Announcemnent
New thread

Sborg.us hacked and Database online

Status
Not open for further replies.
I know what Mr Happy is implying.
Dont wait for a dozen of complaints in your site telling sborg team that their personal information is not safe.
MrHappy just want to help those who dont know what happened so that their money wont be stolen from them.
 
Mr Happy, why so much hate against the sBorg guys? They are also "only" humans... Everyone can fail, even you (and don't tell me you never did). Even the best host, even the biggest site...

Also, it's a fucking Sunday, people have other things to do than spending the whole day in front of the computer... think about it?

I'm sure sBorg is doing everything to fix this etc, and I'm sure there is much more going on behind the scenes than here on WJ.

Mr Happy, no offense tho, just my 2 cents :)
 
pi0tr3k said:
Mr Happy, why so much hate against the sBorg guys? They are also "only" humans... Everyone can fail, even you (and don't tell me you never did). Even the best host, even the biggest site...

Also, it's a fucking Sunday, people have other things to do than spending the whole day in front of the computer... think about it?

I'm sure sBorg is doing everything to fix this etc, and I'm sure there is much more going on behind the scenes than here on WJ.

Mr Happy, no offense tho, just my 2 cents :)
Click to expand...

Sunday? It happened three days ago on the 6th of October. http://www.wjunction.com/1044839-post1799.htm pi0tr3k and they have done pretty much nothing about it.
 
Apathetic, Stay away from the topic if you don't know what's going on :) Thanks!

@All, Alright that's enough now. We always asked clients to change their login(filehost/server) info as soon as we took care of their issues. I've announced a notice on sBorg forums and the same has been done on the site too.

Regarding sending mass mail, We've thought about that and it'll probably get us banned. Although, I'll continue sending mails in chunks to people just to make sure they get notified about the issue.
 
When a user opens a support ticekt, saying he/she cannot upload to a filehost and the error says "error loggin in" or something similar, we ask for the users filehost username and password. After we solve the issue, we ask the user to change their filehost details immediately as they have given us (sborg staff) their filehost details. On occations, we ask for server's root password to setup servers. When we are done, we reply "you can change your server password now".

On every occasion that our users give us their username and password, we ask them to change it so that they cant hold us responsible for anything that happens to their account after that.

Unfortunately the body of the support ticket are stored in plain text so their old username & passwords are visible. In order to avoid future problems like this, we'll be deleting support tickets occasionally.

As for the so called "passwords" that you are wondering if they are hashed or encrypted, those are actually their old sBorg keys, which has already been changed automatically for every client. If you do not have your new sBorg key yet, open a support ticket here and it'll be mailed to your email address.

As for the names, those are of sBorg staff, not client details. As for IPs, they always gets logged no matter which site you go to. Even wjunction (or warez-bb) logs your IP when you post anything.

Now, we'll be busy emailing our clients. Let me know if you need anything else cleared up.
 
Last edited:
Mr Happy should not be the one telling your customers the true scale of the problem.

Please, man up and stop with the bullshit, save what little respect you have on these boards and admit how badly you fucked up.
 
somik said:
When a user opens a support ticekt, saying he/she cannot upload to a filehost and the error says "error loggin in" or something similar, we ask for the users filehost username and password. After we solve the issue, we ask the user to change their filehost details immediately as they have given us (sborg staff) their filehost details. On occations, we ask for server's root password to setup servers. When we are done, we reply "you can change your server password now".

On every occasion that our users give us their username and password, we ask them to change it so that they cant hold us responsible for anything that happens to their account after that.

Unfortunately the body of the support ticket are stored in plain text so their old username & passwords are visible. In order to avoid future problems like this, we'll be deleting support tickets occasionally.

As for the so called "passwords" that you are wondering if they are hashed or encrypted, those are actually their old sBorg keys, which has already been changed automatically for every client. If you do not have your new sBorg key yet, open a support ticket here and it'll be mailed to your email address.

As for the names, those are of sBorg staff, not client details. As for IPs, they always gets logged no matter which site you go to. Even wjunction (or warez-bb) logs your IP when you post anything.

Now, we'll be busy emailing our clients. Let me know if you need anything else cleared up.
Click to expand...

OMG more lies. We can clearly see in the DB how you reply and you do NOT always tell clients to change their passwords after you have fixed the issue.
 
somik said:
Update: All clients have been email.

Anything else you would like to recommend Mr. Happy?
Click to expand...

Yes... it's too late for some clients.

Using the information in your database I've managed to gain access to one of your clients personal websites. Don't worry. I've done this before when boxhead used to hack websites and helped his victims secure and fix their sites and have already contacted the client in question.

Unfortunately unlike when boxhead hacked a site it only affected one person not a few hundred in this case so it's impossible for me to help every client.

I recommend some compensation for your clients would be in order considering the magnitude of this what I can only describe as "fuck up".

If any of your other clients have questions about security I'd be happy to help them.

pD9qP.png
 
Awrite I've personally mailed all the clients, Got lots of delivery failed errors and mailed via two accounts(hotmail and gmail).

I appreciate your help Happy, thanks.
 
V1rgin said:
Mr Happy should not be the one telling your customers the true scale of the problem.

Please, man up and stop with the bullshit, save what little respect you have on these boards and admit how badly you fucked up.
Click to expand...

somik said:
Update: All clients have been email.

Anything else you would like to recommend Mr. Happy?
Click to expand...

somik said:
I am not that emo type that i would be feeling sorry for the action of a hacker for 4 days.
Click to expand...


he shows no kind of concern or worry about the database hacked and all the people who may be alreasdy loose some of their premium acc or even paypal alert pay accs.... Mr. Happy looks more worried about this situation than owner :facepalm:
 
Last edited:
Status
Not open for further replies.
Back
Top