What you need to know about the recent MangaDex data breach

[Cleesus]

Damn some people aint shit and dont have anything better to do

 

[Uncoupiedcandy]

Hombre

 

[YuuKiDBlazer997]

I see. Glad everything's back!

 

[Ares]

Yikes, using PHP in current year

 

[RandomnessOfTheMathWorld]

I can't even change my password lol

 

[supermoonchrome]

you guys were storing session tokens directly in the db
lmfao

@Plykiya i rest my case

 

[hvdvyve]

That hacker is a cunt.

 

[randomaccount294]

So how do we back up our follows et al.?

 

[Xroerbakei]

I wish all the best and goodluck!

I was asking my self something though, not sure if anyone can answer this, but does that mean that if my account was created after that (the 4 months ago datebase, say account created januari 2021), i could say its "safe" in a way?

Thanks in advance, and i hope these hackers get what they deserve.

 

[Mr_Detective]

Haven't changed my password yet. My bank account was hacked last year. Hope I won't have to go through anything similar again. >.<

Site is still slow and getting errors. Not sure if servers are still bad or just SL making things worse again...

So the hacker is Mexican or Spanish...?
- @Richman is Mexican
- @Richman speaks Spanish
- @Richman knows how to code

ARREST THIS MOTHER FUCKER!!!!

 

[Winterblacksmith]

Glad that this is back. I hope this doesn't happen again.

 

[JonnyMhl]

''10k BTC''

Lmao this 'hacker' guy is completely nuts, good thing is that the site is back.

 

[Shyboy]

My throwaway email got another breach lel, I think this make 15? Thx for the heads up and good jobs with the backups so our groups don't suffer much, except the downtime.

 

[cosmo87rg]

@Skullcrane886 you access with 2FA and you get a unique session ID. A session can expire after inactivity/closing the browser or can be set to stay alive for a specific time. If your session ID is cloned (from your PC or the site that generated it) someone else can act as yourself.

And to everyone else on the lolPHP bandwagon, I hope your job has nothing to do with IT. Otherwise I suggest you to change your career path.

 

[sheogorath]

Little did they know, my email was already hacked and lost ages ago.

 

[SageVonManga]

Is there a plan in place to make the site work good for a little while so we can update our passwords? Just keep getting 502 and 504 every time.

 

[Oured]

Now, will you use your bitcoin funds to actually make this place safe and stable, or will you wait for another breach to finally learn your lesson?

 

[Nobi]

Thanks for the report! I use random passwords for everything, so this is mostly a non-issue.

Anyway, this is partially your fault for using PHP.

 

[Halo]

My condolences to the people with very personal private messages they forgot to delete.

 

[sinisempi]

user a password manager everybody!!
@Oured that would end up as aggravated tax fraud or something