Security Concerns

**Dai-kun** · 03-09-2017, 07:06 PM

Many of you guys have received e-mails this morning regarding Aarinfantasy's leaked user database.

The database contains information containing your usernames, passwords (encrypted), IP addresses, e-mails, etc.

Even though the password is encrypted, it can be matched with existing decrypted passswords to figure out what your password is, especially if it's a weak password, like 'abc123' or 'password'.

I highly recommend that you change your password on aarinfantasy and any other sites with the same password.

The hackers accessed a vulnerability in the forum software, vBulletin, and was not patched in time. From there, they could start figuring out the passwords.

A couple of our admins had relatively weak passwords which the hackers were able to figure out and were able to log in and access the admin control panel to send out the e-mails. Fortunately, no serious loss of data occurred.

I've taken steps to prevent such an event from happening again and apologize for the inconvenience and trouble this may have cause you.

**aarinfantasy** · 03-09-2017, 09:00 PM

Thank you so much Dai, I was asleep when all this is happening.

For those who asked about my Twitter account, it's safe because it no longer has ties with the forum's email. Previously it was under the forum's email and that's why that got hacked too.

**Munemasa Katagiri** · 03-10-2017, 08:19 AM

I wonder what people like those have on their minds.

**RavenM** · 03-10-2017, 09:20 AM

Well if they tried to get mine... it went to a dead email account and thank god I had started to change all my passwords last week! Good luck guys...

**keikazama** · 03-10-2017, 01:38 PM

I appreciate all you do!
Thank you for the notification.

**Silverfang** · 03-10-2017, 07:38 PM

Thank you for the heads-up!

**charo** · 03-11-2017, 06:14 PM

@Dai-kun, thank you so much for fix on AF and the red sign virus warning is gone!

i changed my password for AF yesterday.
i am not sure about my log on Aarinfantasy is not secure for my computer.

see example
i enter AF website, it is not secure

for example, i go to other website such as Google, Hotmail, YouTube, all are "Secure"

i wonder if other AF members have same problem with log in AF for not secure?