NVIDIA's forums breached

Discussion in 'Video Cards and Displays' started by Rob Williams, Jul 13, 2012.

  1. Rob Williams

    Rob Williams Editor-in-Chief Staff Member Moderator

    12,080
    1
    Jan 12, 2005
    Atlantic Canada
    Got this e-mail earlier:

    Dear NVIDIA Forum User,

    We suspended operations of the NVIDIA Forums last week in response to suspicious activity and immediately began an investigation. We apologize that our continuing investigation is taking this long. Know that we are working around the clock to ensure that secure operations can be restored.

    Our investigation has identified that unauthorized third parties gained access to some user information, including:

    • username
    • email address
    • hashed passwords with random salt value
    • public-facing “About Me” profile information

    NVIDIA did not store any passwords in clear text. “About Me” optional profiles could include a user’s title, age, birthdate, gender, location, interests, email and website URL – all of which was already publicly accessible.

    NVIDIA is continuing to investigate this matter and is working to restore the Forums as soon as possible. We are employing additional security measures to minimize the impact of future attacks.

    All user passwords for our Forums will be reset when the system comes back online. At that time, an email with a temporary password, along with instructions on how to change it, will be sent to your registered email address.

    As a precautionary measure, we strongly recommend that you change any identical passwords that you may be using elsewhere.

    NVIDIA does not request sensitive information by email. Do not provide personal, financial or sensitive information (including new passwords) in response to any email purporting to be sent by an NVIDIA employee or representative.

    Check back on the NVIDIA Forums for updates.
     
  2. Psi*

    Psi* Tech Monkey

    751
    0
    Jun 17, 2009
    Westport, CT
    I saw that yahoo was hacked this past week & I was actually able to download the list of ids & passwords. I was not in the list nor was anyone I know. Yahoo email is not so popular.

    As I said in the androidforums alert, have a unique password for things like paypal. My paypal was broken into once but I caught it while it was happening. "I" was making donations all less than $100 to many people very quickly. Right before my eyes and I could not halt it. I called paypal who did halt the operation and restored my funds over the course of a couple of days.

    That password was used on other logins, maybe even techgage? Wasn't there a breakin here once? If not here it was on someother forum ... never do that again!:eek:
     
  3. Rob Williams

    Rob Williams Editor-in-Chief Staff Member Moderator

    12,080
    1
    Jan 12, 2005
    Atlantic Canada
    No sir, we've never had issues like that before.

    On the topic of passwords though, ever since I discovered Lastpass, I can't look back. I have about 30 or so logins stored in there, and all of the passwords are unique. If a site gets hacked, I'm none-too-concerned if the password is discovered. As a backup I keep the same passwords in a secret file, in case Lastpass ever decides to disappear one day.
     
  4. Psi*

    Psi* Tech Monkey

    751
    0
    Jun 17, 2009
    Westport, CT
    Good to know, lastpass has been recommended to me before by a guy that works in a call center who is not directly responsible for security ... but is.
     

Share This Page