What you need to know about the recent MangaDex data breach

[KuroAnsatsu]

I'm a bit ignorant about something like this...
Is it really safe to assume that there's no backdoor? I just hope it's not a zero day instead.
Although the pass had been hashed and salted, I still have to change my passwords in some account just to be safe and it's such a pain in the ass.

 

[SuraimuSuu]

Are the deleted groups recovered?

 

[aiMute]

10k BTC

For a oneway hashed dump, lol. If the guy hasn't done it for lulz and not planning to release useless info then he's a total imbecile.

 

[sterven]

@Richman

*fuiste

Don't fucking sass me boy I know how I spelt it.

Unless you're using a school/work/personal email id say fuck it personally I'm using a non essential.

 

[Zatosu]

Thank you for everything!

 

[tristan9]

@evolutionxbox yes, hashed with bcrypt and a randomized salt, so not abusable in the current state of technology. However, as technology advances, it might become abusable, so we still recommend as an excess of caution to change it, and same in other places if reused.

 

[Pratfo]

Really disappointing someone would waste everyone including themselves time and skills, pretty foolish if you ask me.
On another note, glad you guys are back!

 

[falledog]

meu deus que tristeza

 

[havelmom]

if you were already using a pw manager: hash leaks are useless
if you were using 12345 or any full words as pw: hash leak will leak your pw

 

[Dalkeri]

I can't activate 2FA... I entered it in Google authenticator but when I put the code during the configuration it says it's wrong (and it's a copy paste so...)

Any idea ? I tried on computer and mobile

 

[Yeh]

You did well in containing that one. Just out of curiosity, do the constant 504's and 502's have something to do with it? It's been doing that for the whole day

 

[Zeroisloco]

@Plykiya
at least i hope your team realized the hacker also leaked your BTC count and total value, the source code on nyaa + gitHub...

 

[nagisa]

O, no, my poor taste in mango got leaked worse than Clinton's mail was!

 

[dudinhatuts]

In january of this year, crucial data from more than 220 million people has been leaked on my country, Brazil. I honestly understand you guys, because if entire governments can make this mistake, a common website can make it too. I'm not saying it is cool, just... shit happens to everyone.
Nonetheless, I really appreciate the team's honesty and transparency.

 

[Toriichii]

Gotta agree with @Dobu on this though, what even is the point of 2FA if it got breached this way, isnt it supposed to help against breaches like this and not be compromised along with the rest?

 

[Plykiya]

@Zeroisloco The point of crypto is that all transactions are public. Finding the transactions based on a wallet that was already public isn't anything new.

@Toriichii 2FA stops people from ever being able to access your account via a password. Assuming that the other 99% of people trying to get into your account are trying to do it by a db breach is just being insincere.

 

[silverhawke]

great transparency, great breach report guys

 

[KatarSewert]

Could you guys tell us if/when that Hombreee releases the stolen data?
(Obviously only if you guys notice it somehow. And don't say were, that'd be stupid.)
Also the Hombreee apparently doesn't know the current market value of BitCoin
(BTC10k =~ $0,58 BILLION)
Thank you for providing us with a site filled with entertainment, which I don't have to first punch into a translator to then be able to laugh at.

 

[Marzinea]

Thank you for the hardwork~!

 

[Crash21]

good job mangadex team!! now back to reading big boobies and trash manga