BAD NEWS: Tikiroom.com hacked - General Tiki

H hanford_lemoore Tiki Socialite Tiki Central Joined: Mar 23, 2002 Posts: 1899	H hanford_lemoore Posted posted on Mon, May 10, 2004 3:05 PM Hi all, I was out of town all last week, and on Wednesday Tikiroom.com was hacked into. The homepage of the site was changed. Anyone visiting http://www.tikicentral.com got a Hacker's message. It appears as though this is all the hacker did, although truth be told there's no telling what else the hacker looked at and/or tampered with. Typically though, hackers who want to pry don't deface websites as it tips their hat that they're there. WHAT THIS MEANS TO YOU: Tiki Central doesn't really store any important information, although it is possible the Hacker got your email address and your address if you purchased a Grand Membership. But please be aware: Passwords on Tiki Central are stored with one-way hackproof encryption. Your password as it is stored was not accessable to the hacker. Credit card and paypal information is NOT stored on Tikiroom.com (even if you purchased a Grand Membership). Your email address is stored on Tikiroom.com and it's possible the hacker got that. What s/he could do with it is limited to spam, basically. Let me point out here that at this point it in unknown what the hacker actually did. WHAT THIS MEANS TO ME: I will be looking into new security upgrades this week, and it is possible that Tikiroom.com and Tiki Central will have to go off-line for a day or two in order to change things. I will keep you posted. Finally I'd like to sum it all up with: AAAAAARRRRRRRRHGGGGGHHHHH! Mahalo, Hanford [ Edited by: hanford_lemoore on 2004-05-10 18:28 ]

Hi all,

I was out of town all last week, and on Wednesday Tikiroom.com was hacked into.

The homepage of the site was changed. Anyone visiting http://www.tikicentral.com got a Hacker's message.

It appears as though this is all the hacker did, although truth be told there's no telling what else the hacker looked at and/or tampered with. Typically though, hackers who want to pry don't deface websites as it tips their hat that they're there.

WHAT THIS MEANS TO YOU:
Tiki Central doesn't really store any important information, although it is possible the Hacker got your email address and your address if you purchased a Grand Membership. But please be aware:

Passwords on Tiki Central are stored with one-way hackproof encryption. Your password as it is stored was not accessable to the hacker.
Credit card and paypal information is NOT stored on Tikiroom.com (even if you purchased a Grand Membership).
Your email address is stored on Tikiroom.com and it's possible the hacker got that. What s/he could do with it is limited to spam, basically.

Let me point out here that at this point it in unknown what the hacker actually did.

WHAT THIS MEANS TO ME:

I will be looking into new security upgrades this week, and it is possible that Tikiroom.com and Tiki Central will have to go off-line for a day or two in order to change things. I will keep you posted.

Finally I'd like to sum it all up with: AAAAAARRRRRRRRHGGGGGHHHHH!

Mahalo,

Hanford

[ Edited by: hanford_lemoore on 2004-05-10 18:28 ]

Post #90475 by hanford_lemoore on Mon, May 10, 2004 3:05 PM