Security

Want something added or changed? Let yourself be heard here!
zzricezz
Ballboy
Posts: 3
And1: 1
Joined: Mar 13, 2011

Security 

Post#1 » by zzricezz » Mon Dec 20, 2021 7:17 pm

Hmm, got this alert today from identityguard.ca, there was a breach previously?

Dark Web Monitoring Alert
Login Credentials Found
Email Address
****
Password
****
Breach Name
Forums.Realgm.Com
Date Found
09/13/2021
CR Reina
Site Admin
Site Admin
Posts: 1,759
And1: 217
Joined: Sep 17, 2004
Location: RealGM
Contact:

Re: Security 

Post#2 » by CR Reina » Wed Dec 29, 2021 8:24 pm

zzricezz wrote:Hmm, got this alert today from identityguard.ca, there was a breach previously?

Dark Web Monitoring Alert
Login Credentials Found
Email Address
****
Password
****
Breach Name
Forums.Realgm.Com
Date Found
09/13/2021


No recent incident triggered this alert. In August, someone stole an admin password and logged in to change forum labels, and was removed in approximately 30 minutes. No database was accessed or available to access due to security in place – this has been reviewed several times and inspected closely.

The August incident led to other hackers bragging about an additional theft dating to 2015. This is likely what set off the warning.

There have been many breaches from large retailers and large online companies over the last six years. It is always a good idea to change passwords regularly, and certainly any that you used six years ago. RealGM collects no personal information other than the email that is used to register.
User avatar
KnicksGod
Site Admin
Site Admin
Posts: 68,377
And1: 30,154
Joined: Oct 10, 2003
   

Re: Security 

Post#3 » by KnicksGod » Wed Dec 29, 2021 10:04 pm

RealGM will defend itself vigorously against unfair statements about our business and all unlawful activity will be reported to law enforcement.

I would just add to the above, for the record at least, that issuing a security alert about RealGM at this time is not fair or accurate practice. It seems to be both delayed and thinly sourced, and based on some sort of questionable research using the dark web, and involved no contact with anybody at RealGM at all.

The other thing I'd add is that we have looked at the password use from August from every angle, upside and down, even though the database was not accessible at all by this single August password usage, and even though we don't even collect personal information in the forums database (other than emails). And BEFORE that August guy, our system was designed to fully protect against any database access, at all, and identify the forums label changes rapidly, as well as the guy using the password so he could be disabled, and it all worked as it was supposed to in short order.

So we take this highly seriously, no matter what info we collect, and we do so in such a way that we are constantly making improvements and refinements, on a daily and ongoing basis in a careful and conscientious way, even if there is nothing to be accessed and taken as in this case. RealGM's internal security systems are detail-oriented, thorough, layered, and tested in a way that is extremely rigorous and likely far more impenetrable than some of the biggest brand names online.
Semi-retired Knicks fan. Image

Return to Feedback and Suggestions