I would like to inform the people here on this site (Daniwebs) community know that my account here with Daniweb was not only accessed and found to have been accessed on the Darkweb, it was hacked. I have yet figured out exactly what they were using my account for, or to do while on my account yet and from where, what IP address or hopefully who. When I do figure this out, I will update as I make progress. A note to those that are quickly thinking "I must have used an unsecure password like password, 1234, admin, etc." well I assure you now that is not only not the case, it’s so far from the situation just as for my accessing from an unsecure location, again not possible! I am a very high functioning IT Cyber Security Specialist that is contracted by many companies as well as high level government contractor to do the something which was done to me with this one account (Daniweb). I access the accounts that shouldn’t be accessible, with that said, I don’t access my accounts using unauthorized or unsecure connections. I only access any of my accounts from secure buildings or my personal office and from one of my homes, which all are behind many security layers of firewalls, VPN's on top of additional VPN's that I have personally built, which I am paid well to build such security APP's, VPN's and set security protocols for my clientele. Also, most interesting, I don't access this site or account from Daniweb much at all, this is what worries me most and why I am writing this thread for to inform this community of such information. So, please let me if any member or members have had any such issues? If so, please post to this thread letting me/us know exactly what you discovered? Maybe from where this was done, and how? That is if you know! I highly recommend that people using this community check their accounts to see if such a violation has happened to them, I was alerted to this through my Capitol One account security and by LastPass Enterprise app that I use. This account is one of many that I use rarely, when I use these communities I also don’t use from same computers or while on any type of open Wi-Fi or internet connection, again this is what worries me the most also that this situation has only affected my Daniweb account, I have conducted a security audit to my over 400+ accounts and have only found one other issue which was a breach to a department store that didn’t affect my account with them directly, I still made the necessary changes to be safe. I take a lot of time when I decide to post something to a community, this is due to my work, knowing and teaching people such as CEO's, owners, high level shareholders, and certain individuals that I can’t even mention such positions or areas of work that they act in! I can say that after showing and teaching the dangers of unauthorized access is as well as what one can do when they get into someone’s systems, networks, and can use such access or/and information to go through many networks once accessed as well as use for serious masking when and if doing something to harm others. Must of all these people either tell me directly that they are in such fear that they now will be doing things different, I can also see the fear in their eyes on their faces. It is amazing to me that people still don’t take security that serious until they are hit by it hard or it causes serious issues like loss of money, their identity being used over 4000 thousand miles away. So, I do hope people here will post if they have had any such things happen or have had their account compromised, it is important! I couldn’t believe that searching through threads on Daniweb I found nothing of sorts, which would make this platform so perfect on the security front and would amaze myself along with millions of people, I just don’t see that to be the case, now I am the only one with an account that’s experience such an incident, especially with my over securing of my access!
Sincerely, CR
Hope to hear from the community!
Just a comment. That post is a solid wall of text that the current US President would love as it may be stopping folk from reading it.
Consider formatting it to a few paragraphs to make it readable. Unless the intent was "No one shall pass!" or reply.
Here is more information about the DaniWeb database breach: https://www.daniweb.com/community-center/daniweb-community-feedback/threads/506998/daniweb-database-breach
It happened in December 2015.
LOL I have had an account here for about a decade and a half, and I think its my first comment here, but WOW, what a post. Can you please format it in a readable format?
Recently verfied my account after I guess 10 years of not using it
Read about as far as the super duper user got wtfpwned
Then gave up as it was one rather long sentence, I could have copied it into notepad
Suspect the hackers do not have fear on their faces, but have probably read the account and have pissed themselves laughing so much :)
So if I changed my password and the password was not used in any other websites, what risk would I have? If sombody logs into my daniweb account, I don't think there is anything of value for me to be worried about. Please let me know if I'm missing something.
Paul
You are not missing anything, the real risk when any site/service is breached and credentials potentially stolen comes mainly from where the user has reused them across multiple sites/services. Threat actors make use of compiled databases of such things (see: https://www.forbes.com/sites/daveywinder/2019/02/01/2-2-billion-accounts-found-in-biggest-ever-data-dump-how-to-check-if-youre-a-victim) in automated 'credential stuffing' attacks and that's where the real value of compromised logins sit.
Even if you did use the same DaniWeb password elsewhere, DaniWeb passwords were well-protected and not breached during our 2015 hack.
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.