Latest Announcemnent
New thread

Sborg.us hacked and Database online

Status
Not open for further replies.
ok this is a big disaster from sborg and all but it can be a bigger disaster if you people do not act now...

just change all the passwords of everything related to the sborg that you have .... e-mails, your filehosts acc, ap or pp accounts just to be secure if not it'll be all your fault in the end ;)
 
vizoomer said:
ok this is a big disaster from sborg and all but it can be a bigger disaster if you people do not act now...

just change all the passwords of everything related to the sborg that you have .... e-mails, your filehosts acc, ap or pp accounts just to be secure if not it'll be all your fault in the end ;)
Click to expand...

Exactly but why the hell is somik saying "do not worry" when you clearly need to worry and take immediate action. Sborg needs to as a matter of urgency contact it's clients and inform them that their details maybe public. They also need to post a far better and more informed official post than the crap they posted on their blog.

This is a time to forget about trying to protect your reputation and worry about protecting your clients security.
 
Mr Happy said:
Exactly but why the hell is somik saying "do not worry" when you clearly need to worry and take immediate action. Sborg needs to as a matter of urgency contact it's clients and inform them that their details maybe public. They also need to post a far better and more informed official post than the crap they posted on their blog.

This is a time to forget about trying to protect your reputation and worry about protecting your clients security.
Click to expand...
well if they still wanna save their reputation what you said is what should be done ..
 
Awrite a lot has been spoken about the issue.

I wanna highlight a post that was made by Somik on our topic http://www.wjunction.com/1044839-post1799.htm

He did mention that our main server was breached! Also, in my previous post as a security measure I asked all the clients to change their passwords.


@Happy, You seem pretty interested in this topic, Thanks for all the screenshots. They were not required.
 
KLxAg.png


Xfy03.png


CEEKQ.png



Their's hundreds of these. The more I go through the DB the more I find. Still "nothing to worry about"?

How are all clients meant to see some reply (reply number #1799) hidden in a topic with thousands of replies in a support topic? The way you have handled this is not acceptable and completely unprofessional. The fact that I even had to post the screenshots to get you to take appropriate action highlights your lack of interest in your clients personal details.
 
Halcyon said:
Awrite a lot has been spoken about the issue.

I wanna highlight a post that was made by Somik on our topic http://www.wjunction.com/1044839-post1799.htm

He did mention that our main server was breached! Also, in my previous post as a security measure I asked all the clients to change their passwords.


@Happy, You seem pretty interested in this topic, Thanks for all the screenshots. They were not required.
Click to expand...

Those screenshots were required so that users understand the severity.

You asked Clients to change passwords?
You should put up a warning
"CHANGE YOUR PASSWORDS NOW! THEY HAVE ALL BEEN COMPROMISED!"

And the post that somik made made it sound as if nothing really was stolen
as he said "To protect client informations, I've backed up all database and formated the server."

Obviously everything was stolen by that time and you failed to raise the alarm bells...

http://pokit.org/get/a487f36815e0a12fa13dc2122d94a8ae.jpg
 
Last edited:
Well, I hope they took the access logs before reformatting the old server. Otherwise they can't know where the bug is, and it will most likely happen again.
 
Hope that everything is solved and all clients are notified and all change their pass wherever they using the same pass.

Cant say about the paypal email though :(
 
Disaster indeed. You're taking this way too lightly, sBorg (whoever runs it). You need to let your clients know that everything they ever posted on sBorg has been compromised and made public including their IP addresses and passwords (which could be vital if used in more than 1 place).

Then, you need to step up your security on your servers, and close any loopholes before you even think about 'resuming' your operations.
 
I pitty those who had their sBorg password and EMail password same.. Sucks hard.. kinda astonished with somik's ingorance..

Edit: saw Happy's post.. Passwords weren't hashed. Thats kinda lame
 
Last edited:
PerMaFrOsT said:
Good luck to all Sborg´s clients :facepalm:

Thanks for show us all Mr.Happy
Click to expand...

I think you are getting wrong slightly.Not every sBorg client's security is breached.Only of sborg.us client's security is breached ,not reseller's hosting accounts as our client's passwords are on our servers.They are quite safe.

I think the password should be strongly hashed from now on.But Im sure somik and halycon won't leave any loopholes from now on :)
 
Halcyon said:
I've asked Somik to update sBorg main site with the required details.

Sorry for all the loss and trouble.
Click to expand...

That's just not good enough.

I think it's necessary to email all clients as well informing them of what happened and what action they should take. A post on the main site is not sufficient at this stage.

I still think ye are not understanding the severity of this. Peoples paypal, alertpay, moneybrokers are potentially at risk and urgent action is needed. Not just some blog post they may happen to see. What about old clients who's details you still have and won't visit your site to see the blog post?

Please, please try and understand how important the situation is.
 
Status
Not open for further replies.
Back
Top