What you need to know about the recent MangaDex data breach
- Thread starter Plykiya
- Start date
- Status
- Joined
- Feb 22, 2021
- Messages
- 1
The hacker was probably asking for 10K in BTC right? Considering they spammed hombre, maybe english isn't their first language and they just made a grammar mistake, or they are clueless about the conversion rates. Or am I just missing the joke and people are intentionally dunking on them for making a grammar mistake?
- Joined
- Jan 5, 2020
- Messages
- 3
Thank you for transparency!
Active member
- Joined
- Dec 14, 2020
- Messages
- 51
Someone tell me what 2FA and RSS mean on MangaDex pleeeeaasssee
I can only imagine that the people spamming "LOOOL PHP" are either programming amateurs, rank green students or just people bandwagoning on internet programming memes.
If you really did work in an IT related field where using or not using PHP is a consideration for you, you would at worst acknowledge that PHP has faults that are not directly related to the breach, at best you would have said nothing. PHP has decent-good performance, can be implemented broadly for just about anything, and you'll always be able to find someone who can build it for you.
The most clueless are those who insinuate that not only is PHP bad, it's dead. Please, almost everything uses PHP, and while its not going to be as popular in the future, it's going to continue to stick around for years if not decades.
As for the session credentials issue....well I agree with some here that accounts with admin rights should always need to reauthenticate. Is it a criminal sin for a site that doesn't store much sensitive information beyond internal activity and login credentials?....Hardly. I'd just say it's something that can change now that this has happened, but it's not exactly a huge mistake.
If you really did work in an IT related field where using or not using PHP is a consideration for you, you would at worst acknowledge that PHP has faults that are not directly related to the breach, at best you would have said nothing. PHP has decent-good performance, can be implemented broadly for just about anything, and you'll always be able to find someone who can build it for you.
The most clueless are those who insinuate that not only is PHP bad, it's dead. Please, almost everything uses PHP, and while its not going to be as popular in the future, it's going to continue to stick around for years if not decades.
As for the session credentials issue....well I agree with some here that accounts with admin rights should always need to reauthenticate. Is it a criminal sin for a site that doesn't store much sensitive information beyond internal activity and login credentials?....Hardly. I'd just say it's something that can change now that this has happened, but it's not exactly a huge mistake.
Member
- Joined
- Jan 24, 2018
- Messages
- 146
@BlueStallion44
https://en.wikipedia.org/wiki/Multi-factor_authentication
https://en.wikipedia.org/wiki/RSS
https://en.wikipedia.org/wiki/Multi-factor_authentication
https://en.wikipedia.org/wiki/RSS
- Joined
- May 19, 2020
- Messages
- 15
Suddenly I find myself wishing for hackers full of tortue imprisonment
Involving killing important for that person pepole in front of him
Who new chaning my password can make me this angry...
Glad you are back <3
Involving killing important for that person pepole in front of him
Who new chaning my password can make me this angry...
Glad you are back <3
Active member
- Joined
- Dec 14, 2020
- Messages
- 51
While I am thankful that the site is up and that the administrators did they task there is one thing I wish:
Instead of just putting up a unhelpful message about emergency shutdown without giving any information they should have immediately told that they got hacked. As they anyway took the time to inform through Twitter (and even searching for a picture to add to the announcement) they could as well have written something like this:
"We got hacked and currently we try to determine what information they have been able to dump from us. We are also working on fixing the security holes and restoring the site. Meanwhile, if you used the same password somewhere else, please change it."
It is not like I ask them to give continuous updates when things go wrong, but some kind of transparency as they have a lot of information about us. Some users have even told that their bank information is stored at Mangadex and we as users might want to take our own countermeasures.
Instead of just putting up a unhelpful message about emergency shutdown without giving any information they should have immediately told that they got hacked. As they anyway took the time to inform through Twitter (and even searching for a picture to add to the announcement) they could as well have written something like this:
"We got hacked and currently we try to determine what information they have been able to dump from us. We are also working on fixing the security holes and restoring the site. Meanwhile, if you used the same password somewhere else, please change it."
It is not like I ask them to give continuous updates when things go wrong, but some kind of transparency as they have a lot of information about us. Some users have even told that their bank information is stored at Mangadex and we as users might want to take our own countermeasures.
Group Leader
- Joined
- Jul 22, 2018
- Messages
- 46
I thought it was very strange to see a post of the mangadex code in the software section on nyaa.
Glad it has been sorted out
Glad it has been sorted out
- Joined
- Apr 18, 2020
- Messages
- 37
For future purposes, can't you automate a script to periodically create and overwrite a docker image of the servers status so that in any emergency you can revert to that docker image?
Hopefully this will be the last such incident.- Joined
- Nov 29, 2020
- Messages
- 2
please let me know how to delete my account!! And please delete it soon
Double-page supporter
- Joined
- Jun 11, 2018
- Messages
- 241
@superfan1224 you can post it here
https://mangadex.org/thread/178895/87/#post_5037333
https://mangadex.org/thread/178895/87/#post_5037333
Fed-Kun's army
- Joined
- Jan 24, 2018
- Messages
- 160
7th time.
My filter chapter languages was suddenly set to Arabic when I relogged with 'Remember Me' ticked on. Not sure how that came to be, but it went back to what I had originally set it to after switching to a different mangadex tab and checking, just in case, I'll clear cookies AGAIN.
- Status
Similar threads
- Suggestion
