Moderator Account Accessed By 3rd Party


Nifty-Chicken

Administrator
BYC Staff
NOTE: From what we can see in the logs, NO USER INFORMATION WAS ACCESSED OR CHANGED!




Here's a high-level of what happened over the last hour:
  • At 11:07 am PST, we saw some really odd stuff... a bunch of threads were "soft deleted" (basically, they won't show up for members, but they are still in the system).
  • After some quick investigation, we discovered one of the moderator accounts was accessed by an unknown person who started to mass-delete threads.
  • Our team QUICKLY moved into action and:
      • Blocked the moderator's account
      • Forced all other moderators' accounts to new passwords
      • Started the process of "undeleting" the threads
Again, from what we can see in the logs, NO USER INFORMATION WAS ACCESSED OR CHANGED!

UPDATE: To clarify, moderators can NOT access Private Message conversations, passwords, etc.


We have limits on what our moderators can see / do, and fortunately those limits proved themselves very effective in this situation :)

Also, pretty much everything and anything a moderator does, can be completely undone by me :D

In the 15 years I've been running forums, this is the first time this has happened. That said, we're going to keep digging deeper into this to figure out what went wrong, and what needs to be done to prevent it in the future! For example, we will require all our moderators to use "2 factor authentication" moving forward. Usually this is only really important for Admins, but we want to add this additional layer for even more protection!

Thank you for everyone's patience as we worked through this, but a HUGE THANK YOU to our amazing team (especially @DuckLady) for such speedy response and help!



This is all a VERY good reminder to everyone:
  1. Use a unique password for all sites... i.e., don't use the same password for multiple websites.
  2. Use a password that is complex
  3. Change-up your passwords from time to time
 
BTW, we want peeps to be mindful of what they post in this thread. Please no screenshots or details of messages you received. If you have questions related to your specific account, please send me a private message.

All general questions (applicable to the site / all users) can be addressed here.
 
Fortunately these situations are rare, and BYC isn't really a huge interesting target. Often it's just someone bored or trying to take advantage of information they accessed elsewhere.

Also, while it was a bit of an anxiety-inducing / heart-attack situation for a while, once we narrowed it down to just one moderator account... and that the account (like all moderators) has limited access to information, access, etc., then we were considerably less worried and stressed... and the solution(s) were really straightforward :)
 
It doesn't look like anyone or anything was targeted specifically... just a person accessed the account and immediately started deleting threads as quickly as they could before we shut them down.... which we did very quickly :D

It's kinda like how a thief robs a convenience store. They try to do as much as they can as quick as they can before the police get there.
