renesdk
Posts: 1
Joined: Wed Jan 19, 2022 7:36 pm

Re: We have been HACKED

Wed Jan 19, 2022 7:40 pm

I'm furious. We should have been informed in August 2021 when this happened initially.

I got the information about this leak through Private Internet Access' new ID Guard feature.... that means I was informed through a 3rd party about this data leak, not directly by you guys. That's just not okay.

war59312
Posts: 1
Joined: Thu Jan 20, 2022 12:25 am

Re: We have been HACKED

Thu Jan 20, 2022 12:32 am

When I signed up for these forums the email shows:

rulez.sk did not encrypt this message

Subject: ***SPAM*** Welcome to \"OpenSubtitles forum\"

Wow. Should fix that asap!

Also, how about adding two-factor authentication? At least an e-mail verification link sent at login, or via SMS (least secure). Of course support for Time-based One-Time Password (TOTP) and HMAC-based One-Time Password (HOTP) would be much better, think Google Authenticator, Authy, etc. Even better would be support for FIDO-compliant security keys, think YubiKey and Google Titan Security Key.

TheRainMan
Posts: 1
Joined: Thu Jan 20, 2022 5:53 pm

Re: We have been HACKED

Thu Jan 20, 2022 6:03 pm

I also recommend changing the password to the email address associated with your opensubtitles account. That's what I found entering my email address in the site Have I Been Pwned...




harlemblues
Posts: 1
Joined: Thu Jan 20, 2022 8:55 pm

Re: We have been HACKED

Thu Jan 20, 2022 8:58 pm

Why are you referring to the hacker as a "he"? Did they give you their real identity? You talked to them? I don't think so, which makes your statement highly sexist.

jizzjazz
Posts: 1
Joined: Thu Jan 20, 2022 9:44 pm

Re: We have been HACKED

Thu Jan 20, 2022 9:52 pm

> I don't think so
Exactly. You don't think so, but you don't know so.
Which makes your statement highly assumptive, mood-setting and most of all off-topic.

Come on. OpenSubtitles fucked up. And they fucked up big time. In fact, personally, I am not amused at all. But don't get over the top.

Thank you (f/m)

pooond
Posts: 46
Joined: Thu Dec 12, 2019 1:08 pm

Re: We have been HACKED

Thu Jan 20, 2022 10:22 pm

> Come on. OpenSubtitles fucked up. And they fucked up big time. In fact, personally, I am not amused at all. But don't get over the top.
>
> Thank you (f/m)
Can agree to that. As far as I'm aware, Subscene was hacked and down for about a week several months ago and so was Addic7ed, but nothing publicly has been admitted. Not really. It's going around. Wouldn't be surprised if others were hacked, too. The others aren't hitting the "headlines" as much, though.

Best thing to do is make sure your passwords are changed. Especially if one used this password for other websites. And as others have mentioned before, best to invest in a password manager for complex passwords.

According to opensubtitles.com website, that site wasn't hacked, but if your passwords are the same there as here (.org), best to change that, too.


nekro999
Posts: 6
Joined: Thu Jan 20, 2022 7:42 pm

Re: We have been HACKED

Fri Jan 21, 2022 12:48 pm

What is more worrying than passwords, as mine is not the same anywhere else, is IP.
Why does the database contain users' IPs!!
I understand for abuse user you ban IP but this should be site wide.
Can someone say if database contained every user's IP?

nekro999
Posts: 6
Joined: Thu Jan 20, 2022 7:42 pm

Re: We have been HACKED

Fri Jan 21, 2022 1:03 pm

Also, does OpenSubtitles keep logs of what a user downloads in the database dump that was put online?

oss
Site Admin
Posts: 5879
Joined: Sat Feb 25, 2006 11:26 pm
Contact: Website

Re: We have been HACKED

Fri Jan 21, 2022 2:05 pm

hi, leaked db contains last IP (1 IP), it is always a good idea to use VPN. We keep IP for abuse, and protecting site against leeching. The logs of downloads were not leaked.

nekro999
Posts: 6
Joined: Thu Jan 20, 2022 7:42 pm

Re: We have been HACKED

Fri Jan 21, 2022 2:14 pm

> hi, leaked db contains last IP (1 IP), it is always a good idea to use VPN. We keep IP for abuse, and protecting site against leeching. The logs of downloads were not leaked.

So you do keep logs of downloads?
This is not good, it's very bad for all users.

scooby007
Site Admin
Posts: 837
Joined: Thu Mar 05, 2009 10:49 pm
Location: Scandalous

Re: We have been HACKED

Fri Jan 21, 2022 4:35 pm

@cdeOS:
Please post that in: viewtopic.php?f=1&t=17548
I'm not getting anything like that on my system. For now try incognito mode/private window and see if that helps.
Especially on another browser. Firstly clear your OS cookies/cache and enable JavaScript, if you can. Then reload page.
If not, then post in above linked topic. Don't think anyone's going to respond to debug info in here. This is not the topic for it.

@nekro999:
On your profile it says "Downloaded subtitles:" and that's where everything a user has downloaded can be found. A lot of major subtitle sites make that info available to the account holder so you can rate and comment on past subs you've used. Can't see that changing. Whole subtitling community and torrent sites are deemed illegal, anyway. If one is worried about things like that leading back to them, then they should be using a VPN and throwaway accounts or email alias addresses for torrenting, etc.
Nowadays a VPN is a must for everyone. A VPN allows you safe surfing and protects you against spying governments and companies who collect your data. Click below image for more details and reduce your online digital footprint.


furtinin
Posts: 1
Joined: Fri Jan 21, 2022 8:51 pm

Re: We have been HACKED

Fri Jan 21, 2022 8:56 pm

> > Well, it happens... maybe next time don't let 5 months pass by before telling us we should change our passwords, you could have easily reset everyone's passwords and sent a notification, after fixing the database's security issue :)
>
> so there's a little confusion here.
>
> nothing was leaked in august, we followed the hackers request, secured our services, hired an extra sysadmin, ran extra audits.
>
> then on january 11th we received the same request, from the same data breach, but from what seemed to be a collaborator of the original hacker, we contacted the first hacker who promised he'll solve the issue for us, but he didn't.
>
> the data seems to have been leaked on the 14th january, we heard of it on the 15th, rushed to lock all accounts and setup the force change password strategy, posted here on the 18th.
>
> yeah we messed up, we got scammed and screwed, lost months of revenue to try and avoid the leak for nothing, but it's not like we did nothing in 5 months...

There is no confusion. The data was breached months ago and you didn't inform your users. You are absolute morons for paying a ransom and even more for believing they wouldn't attempt to get more money out of you with the same data.

You have screwed the security of your users, and you've literally publicly announced that hackers can get money from hacking websites of idiots. Then again it's not really surprising coming from this shitty website.

ThePrutser
Posts: 1
Joined: Sat Jan 22, 2022 12:26 pm

Re: We have been HACKED

Sat Jan 22, 2022 12:29 pm

First of all, thank you for your thorough explanation on what happened and how you have mitigated the security issues, but....
yes there is always a but ;)

This sentence: *Accept our humble excuses*, doesn't mean what you think that it means. Something tells me it was written by a Dutch person with all the best intent, but *excuses* translates to *smoesjes*. I guess what you did mean to say is: "Accept our humble apologies"

oss
Site Admin
Posts: 5879
Joined: Sat Feb 25, 2006 11:26 pm
Contact: Website

Re: We have been HACKED

Sat Jan 22, 2022 12:31 pm

thanks will update sentence :)

Seychellois
Posts: 1
Joined: Sat Jan 22, 2022 2:40 pm

Re: We have been HACKED

Sat Jan 22, 2022 2:43 pm

> The site was created in 2006 with little knowledge of security, so passwords were stored in md5() hashes without salt

This is pure incompetence on your part, it being created in 2006 is not an excuse to have AWFUL security, you didn't realize maybe a decade later that you should probably update how you store passwords? (AKA switching away from god awful MD5) :roll: :roll:
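
Added example, not part of the thread and not OpenSubtitles' code: the unsalted md5() storage quoted above beside a salted, slow hash, with legacy records upgraded at the next successful login. PBKDF2-HMAC-SHA256, the iteration count, the record format and the account names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed PBKDF2 work factor, not taken from the thread

def legacy_md5(password):
    """The scheme quoted in the thread: unsalted md5()."""
    return "md5$" + hashlib.md5(password.encode()).hexdigest()

def strong_hash(password, salt=None, iterations=ITERATIONS):
    """Per-user random salt plus a deliberately slow KDF."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2${iterations}${salt.hex()}${dk.hex()}"

def verify(stored, password):
    """Check a password against either record format (constant-time compare)."""
    scheme, _, rest = stored.partition("$")
    if scheme == "md5":
        candidate = legacy_md5(password)
    elif scheme == "pbkdf2":
        iterations, salt_hex, _ = rest.split("$")
        candidate = strong_hash(password, bytes.fromhex(salt_hex), int(iterations))
    else:
        return False
    return hmac.compare_digest(candidate, stored)

def login(db, user, password):
    """Verify, then upgrade a legacy or under-strength record on success."""
    stored = db.get(user)
    if stored is None or not verify(stored, password):
        return False
    if not stored.startswith(f"pbkdf2${ITERATIONS}$"):
        db[user] = strong_hash(password)
    return True

def demo():
    # Constructed sample accounts: two users who chose the same password.
    db = {"alice": legacy_md5("hunter2"), "bob": legacy_md5("hunter2")}
    same_before = db["alice"] == db["bob"]  # unsalted: identical digests
    for user in list(db):
        login(db, user, "hunter2")
    same_after = db["alice"] == db["bob"]   # salted: records now differ
    return same_before, same_after, db

if __name__ == "__main__":
    print(demo()[:2])
```

Accounts that never log in again keep their MD5 record under this scheme, so a forced password change like the one described earlier in the thread is still needed for them.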
