Security Breach

Hello Everyone,

I wanted to start this update by saying thank you all for your patience regarding our site being down. This update will cover the cause of the site being down and what our next steps are.

Starting mid-afternoon PST (UTC-8) on Friday, August 14, 2020, our servers came under attack and have been under attack since that time. I am unsure as to what the attackers have been after. I confirmed that they never got access to anything past the front end of our web servers. They never gained access to other parts of our server, including our MySQL database. This database holds our encrypted user data. (Please note that donation payment data is not stored on our site; it is all handled through our third-party payment processor, Stripe.)

What did these attackers manage to do or get? From what I can tell, the attackers didn't manage to take or gain access to any sensitive data on our servers. What they did accomplish was a JavaScript injection on the front end of our website. The injected code redirected our users to an external site posing as a Google reCAPTCHA security page for our site. It asked you to allow a plugin, or to click to confirm that you are not a robot, in order to access our website. Do not ever click on these, as that site is trying to get you to download malware or a virus. Our website has never used, and never will use, Google reCAPTCHA to validate whether a visitor is a bot or a human before loading the page. However, we do use reCAPTCHA in some of our forms to validate that a submission is legitimate.

Except for a Cloudflare browser verification check, if our website ever redirects you upon loading to any page other than https://helgrind.live/, such as the page described above, close it immediately. Please contact one of our staff members on Discord to notify us of the issue.
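As an added illustration of how an operator can check served pages for the kind of front-end injection described above (this is example code written for this page, not code from helgrind.live or its staff): a small Python scanner that parses an HTML page and flags script sources, inline `location` redirects and `<meta refresh>` targets whose host lies outside the site's own origin. The allowed host list and the two sample pages are constructed assumptions; the `.invalid` domain in the injected sample is a reserved placeholder, not a real host.

```python
"""Flag injected redirect code in served HTML (added example, not site code).

Three things are checked on every page:
  * <script src="..."> pointing to a host outside ALLOWED_HOSTS
  * inline script that assigns window.location / location.href or calls
    location.replace()/assign() with an off-site URL
  * <meta http-equiv="refresh" content="N;url=..."> to an off-site URL
Relative URLs are treated as same-origin and therefore allowed.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the site's own origins. Anything else is reported.
ALLOWED_HOSTS = {"helgrind.live", "www.helgrind.live"}

# location = "...", location.href = "...", location.replace("..."), location.assign("...")
REDIRECT_RE = re.compile(
    r"""location(?:\.href|\.replace|\.assign)?\s*[=(]\s*["']([^"']+)["']""", re.I)
META_URL_RE = re.compile(r"url\s*=\s*(\S+)", re.I)


def is_allowed(url: str) -> bool:
    """True for relative URLs and for absolute http(s) URLs on an allowed host."""
    parsed = urlparse(url.strip())
    if parsed.scheme not in ("", "http", "https"):
        return False  # javascript:, data:, etc. are never an acceptable redirect
    return parsed.netloc == "" or parsed.hostname in ALLOWED_HOSTS


class RedirectScanner(HTMLParser):
    """Collects (kind, url) findings while the page is parsed."""

    def __init__(self):
        super().__init__()
        self.findings = []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "script":
            self._in_script = True
            src = a.get("src")
            if src and not is_allowed(src):
                self.findings.append(("external-script", src))
        elif tag == "meta" and (a.get("http-equiv") or "").lower() == "refresh":
            m = META_URL_RE.search(a.get("content") or "")
            if m and not is_allowed(m.group(1)):
                self.findings.append(("meta-refresh", m.group(1)))

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        # HTMLParser hands <script> bodies to handle_data as raw text.
        if self._in_script:
            for url in REDIRECT_RE.findall(data):
                if not is_allowed(url):
                    self.findings.append(("inline-redirect", url))


def scan(html: str):
    """Return a list of (kind, url) findings; an empty list means nothing off-site."""
    scanner = RedirectScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample: a page that only loads its own assets and redirects locally.
CLEAN_PAGE = """<html><head>
<script src="/static/app.js"></script>
<script>if (!user) { window.location = "/login"; }</script>
</head><body>Welcome</body></html>"""

# Constructed sample: the same page with an injected off-site loader and redirects.
INJECTED_PAGE = """<html><head>
<script src="/static/app.js"></script>
<script src="https://cdn.attacker.invalid/verify.js"></script>
<script>setTimeout(function () { location.href = "https://check.attacker.invalid/?r=1"; }, 500);</script>
<meta http-equiv="refresh" content="3;url=https://check.attacker.invalid/">
</head><body>Welcome</body></html>"""

if __name__ == "__main__":
    for name, page in (("clean", CLEAN_PAGE), ("injected", INJECTED_PAGE)):
        print(name, scan(page))
```

In practice this kind of scan is run against the HTML actually served to visitors (for example, by fetching the home page from outside the network on a schedule) and compared against a known-good copy of the site's templates, so that a newly appearing off-site script or redirect raises an alert rather than being discovered by users.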

Moving forward, what are we changing? We have updated our server and site security protocols to try to prevent this in the future. No security protocol or procedure is faultless or immune to compromise. Because of this, we cannot guarantee that this won't happen again. We take security seriously and will always do what we can to prevent unauthorized access to any of our data or yours.

On top of updating our security to minimize the chance of unauthorized access or changes happening again, we have purged all users' password data from our site. An email asking you to reset your password has been sent to you. The password reset link will expire at midnight PST on Wednesday, September 9th, 2020. If the link expires, you can click "Forgot password" under the login on our website to recover your account.

We did this to be safe even though we are confident that they didn't get access to this data. It is essential to use different passwords on different sites and accounts. This is the best practice to ensure that if a compromise does happen and your information is leaked, the damage and the work needed to recover your accounts are minimized, since the attackers would only have potential access to one account. It is not easy to do, but it is made much easier with a password manager such as LastPass. They are the free vendor I use to generate random passwords and to encrypt and keep track of my passwords. However, this is not an endorsement of them, as many other competitors are just as secure and offer different features (research which one is best for you and your needs).

We want to thank you for your patience and sticking with us while we address this issue. We strive for both security and transparency in everything we do and offer for our community members, as that is what you deserve. We will continue to improve in all aspects of our community to provide you with new and improved services.

If you have any questions, please reach out to one of our staff members on Discord or via our website contact us page.
