Zum Inhalt springen

Empfohlene Beiträge

  • 2 Monate später...
  • 3 Wochen später...
Geschrieben

Roll20 wurde gehackt. Ich poste nachstehend die Mail, die ich diesbezüglich als Warnung erhalten habe zur Info:

Spoiler

Hello Roll20 User,

We are writing to tell you about a data security incident that may have exposed some of your personal information. We take the protection and proper use of your information very seriously. For this reason, we are contacting you directly to explain the circumstances of the incident. 

On June 29, 2024, at 6:30 P.M. Pacific Time, Roll20 learned that an administrative account was compromised. By 7:30 P.M. Pacific Time, we acted to ensure that all unauthorized access was blocked, and we began the process of investigating the incident to determine the scope.

Following our investigation, we learned that the unauthorized third-party had access to administrative tools, which may have resulted in the exposure of personal information, such as your:  first and last name, email address, last known IP address, and the last 4 digits of your credit card (solely if you had a stored payment with us).

Notably, the compromised administrative tooling did not expose your password or your full payment information, such as your address or credit card number.

While we have no reason to believe that your personal information has been misused, we are notifying you out of an abundance of caution.

We take your privacy and security very seriously, and we deeply regret that this incident occurred. We will be implementing an action plan to further enhance the security of our administrative tools going forward.

If you have questions, or if you would like to view a copy of your account data that the third party may have had access to, please reach out to us at https://help.roll20.net and create a support ticket with the subject line “Incident Data Request” and we will be happy to assist you.

Here are some resources containing good best practices for protecting your information online which we recommend: https://consumer.ftc.gov/online-security

 

  • Like 1
  • Thanks 3
Geschrieben
vor 53 Minuten schrieb Hiram ben Tyros:

Roll20 wurde gehackt. Ich poste nachstehend die Mail, die ich diesbezüglich als Warnung erhalten habe zur Info:

  Versteckten Inhalt anzeigen

Hello Roll20 User,

We are writing to tell you about a data security incident that may have exposed some of your personal information. We take the protection and proper use of your information very seriously. For this reason, we are contacting you directly to explain the circumstances of the incident. 

On June 29, 2024, at 6:30 P.M. Pacific Time, Roll20 learned that an administrative account was compromised. By 7:30 P.M. Pacific Time, we acted to ensure that all unauthorized access was blocked, and we began the process of investigating the incident to determine the scope.

Following our investigation, we learned that the unauthorized third-party had access to administrative tools, which may have resulted in the exposure of personal information, such as your:  first and last name, email address, last known IP address, and the last 4 digits of your credit card (solely if you had a stored payment with us).

Notably, the compromised administrative tooling did not expose your password or your full payment information, such as your address or credit card number.

While we have no reason to believe that your personal information has been misused, we are notifying you out of an abundance of caution.

We take your privacy and security very seriously, and we deeply regret that this incident occurred. We will be implementing an action plan to further enhance the security of our administrative tools going forward.

If you have questions, or if you would like to view a copy of your account data that the third party may have had access to, please reach out to us at https://help.roll20.net and create a support ticket with the subject line “Incident Data Request” and we will be happy to assist you.

Here are some resources containing good best practices for protecting your information online which we recommend: https://consumer.ftc.gov/online-security

 

Ja, die hatte ich vor 2h auch im Mailfach.

Geschrieben
vor 29 Minuten schrieb dabba:

Schon wieder? Das war doch schon 2019 passiert.

Nicht vergleichbar. Der 2019 war die Mutter aller Breaches. 

Das jetzt eigentlich Business as usual. Es wurde informiert, dass ein Adminaccount kompromotiert wurde und der halt Zugriff auf sensible Daten wie Mailadressen, Namen und evtl. die letzten viel Ziffern einer hinterlegten Kreditkarte.

Das ist nicht schön. Aber heutzutage eigentlich nichts aufregendes. Zumal nicht mal klar ist, ob überhaupt irgendwelche Daten abgeflossen sind. 

Ich empfinde das Vorgehen und die Informationspolitik von Roll20 da echt vorbildlich. 

  • Like 2
Geschrieben
vor 14 Minuten schrieb Panther:

hmmm. habe keine Mail erhalten... nur Premium Accounts?

Nope, ich hab keinen Premium und hab die mail trozdem,...

  • Like 1
Geschrieben
vor 21 Minuten schrieb Abd al Rahman:

Hab ich mir bei allen solchen Meldungen angewöhnt. Sicher ist sicher. 

Von 12345 wieder zurück auf 54321?

Azu ( der Raffinierte ) bi

  • Haha 2
Geschrieben (bearbeitet)
vor 33 Minuten schrieb Kazzirah:

Du mutiger... ich bleib bei 32.

Für eine 64bit-Verschlüsselung braucht man doch 64 alphanumerische Stellen mit Sonderzeichen, oder? :lookaround:

Bearbeitet von Octavius Valesius

Erstelle ein Benutzerkonto oder melde Dich an, um zu kommentieren

Du musst ein Benutzerkonto haben, um einen Kommentar verfassen zu können

Benutzerkonto erstellen

Neues Benutzerkonto für unsere Community erstellen. Es ist einfach!

Neues Benutzerkonto erstellen

Anmelden

Du hast bereits ein Benutzerkonto? Melde Dich hier an.

Jetzt anmelden
×
×
  • Neu erstellen...