Patreon got hacked
arstechnica.com/security/...tions-site-dumped-online/
Can't something be left alone? Jesus Christ....
Can't something be left alone? Jesus Christ....
Once again, the savvy password manager user comes out on top
Even use a prepaid credit card so any number they got off my account is worthless :v
Even use a prepaid credit card so any number they got off my account is worthless :v
NNNNNOOOOOOOOOOOOOOOOOOOOOO!!!!!!!!! I DONATED 1 DOLLAR!
I don't get why the hackers are publishing the data. I mean, it's not like Ashley Madison where there is the whole shaming cheaters thing. What is this, oh shame on everyone for supporting artists?
I've already changed my password after getting an email from Patreon about the hack. The email says that they don't store credit card information on their servers so that info is hopefully safe still.
I've already changed my password after getting an email from Patreon about the hack. The email says that they don't store credit card information on their servers so that info is hopefully safe still.
Changer said:
I don't get why the hackers are publishing the data. I mean, it's not like Ashley Madison where there is the whole shaming cheaters thing. What is this, oh shame on everyone for supporting artists?
I don't get why the hackers are publishing the data. I mean, it's not like Ashley Madison where there is the whole shaming cheaters thing. What is this, oh shame on everyone for supporting artists?
That's how black hat hacking works, they do it for the fun/glory/excitement of it.
plsignore said:
That's how black hat hacking works, they do it for the fun/glory/excitement of it.
That's how black hat hacking works, they do it for the fun/glory/excitement of it.
Yeah, that needs to stop. I remember reading an article about how harsh punishments aren't the answer; citing the war on drugs. But if hacking places for the funsies just gets you a slap on the wrist, there's no real deterrent. In a world where your personal information going out publicly could literally ruin your life, the consequences of doing that to a bunch of people should be equally harsh.
plsignore said:
That's how black hat hacking works, they do it for the fun/glory/excitement of it.
That's how black hat hacking works, they do it for the fun/glory/excitement of it.
It's actually for the sweet, sweet CCs and Paypal keys.
Ethereal said:
It's actually for the sweet, sweet CCs and Paypal keys.
It's actually for the sweet, sweet CCs and Paypal keys.
If it was for that, they would just get that info, and keep it. They instead released user info publicly where identity thieves are free to dig through and piece anything they can use together.
Changer said:
Yeah, that needs to stop. I remember reading an article about how harsh punishments aren't the answer; citing the war on drugs. But if hacking places for the funsies just gets you a slap on the wrist, there's no real deterrent. In a world where your personal information going out publicly could literally ruin your life, the consequences of doing that to a bunch of people should be equally harsh.
Yeah, that needs to stop. I remember reading an article about how harsh punishments aren't the answer; citing the war on drugs. But if hacking places for the funsies just gets you a slap on the wrist, there's no real deterrent. In a world where your personal information going out publicly could literally ruin your life, the consequences of doing that to a bunch of people should be equally harsh.
What slap on the wrist? the hackers haven't even been caught
plsignore said:
What slap on the wrist? the hackers haven't even been caught
What slap on the wrist? the hackers haven't even been caught
I am referring to the idea an article I had read presented about avoiding harsh punishments for hackers, not referring to specifically this hacker in particular.
Changer said:
I remember reading an article about how harsh punishments aren't the answer; citing the war on drugs.
I remember reading an article about how harsh punishments aren't the answer; citing the war on drugs.
I thought the issue on the war on drugs was less the harsh punishments but rather who they were given to.
Not that I don't think armchair speculating isn't fun, but I'd be interested in seeing a lawyer's take on this.
If the attacker was caught they would probably get fined $4,000,000+ and serve 10 years
Please shut the fuck up about hacking punishments not being "tough enough" when even perfectly fine whitehats risk 10 to 15 and fines if a company decides that their pentest went "too far"
Whoever breached Experian is going away for a long long time if they get caught too and they know it, they already know it's worse than a slap on the wrist if they're found out
It's like pirating - the fines if you're actually charged are a shitload, but nobody for the most part gets charged because the RIAA can't sniff your traffic (as far as I know)
You think the answer to piracy is to double those fines rather than fixing the source of the problem? Here is the trash can, feel free to visit it any time
Please shut the fuck up about hacking punishments not being "tough enough" when even perfectly fine whitehats risk 10 to 15 and fines if a company decides that their pentest went "too far"
Whoever breached Experian is going away for a long long time if they get caught too and they know it, they already know it's worse than a slap on the wrist if they're found out
It's like pirating - the fines if you're actually charged are a shitload, but nobody for the most part gets charged because the RIAA can't sniff your traffic (as far as I know)
You think the answer to piracy is to double those fines rather than fixing the source of the problem? Here is the trash can, feel free to visit it any time
I sadly have to agree. Stricter laws aren't the solution. The problem is, you can build a good security, but you have to base your security on something. And this "something" may have been not secure in the first place.
A good article is from 2010, when someone formerly coding BSD, one of the most secure systems, if not THE, known today, sent an email that he had to code a backdoor into it requested by the FBI. Part of that code is used in almost any chip nowadays, although being altered so many times, it probably doesn't work anymore. But it being open source, everyone could see it and no one ever noticed ...
The article can be found here: arstechnica.com/informati...r-in-openbsd-ipsec-stack/
My point being is that there's always a weak point and of course it isn't visible. Security updates happen fast, but if you are a well informed Hacker, you probably know before most company IT could implement a fix.
And there's always the possibility of human failure. Not setting the correct parameters, not getting all the upgrades in time, overlooking something or simply a co-worker surfing on the wrong site and infecting the network, creating a backdoor into the system.
As a security specialist it is you against the internet. That's pretty hard to fight to a draw, and impossible to win.
A good article is from 2010, when someone formerly coding BSD, one of the most secure systems, if not THE, known today, sent an email that he had to code a backdoor into it requested by the FBI. Part of that code is used in almost any chip nowadays, although being altered so many times, it probably doesn't work anymore. But it being open source, everyone could see it and no one ever noticed ...
The article can be found here: arstechnica.com/informati...r-in-openbsd-ipsec-stack/
My point being is that there's always a weak point and of course it isn't visible. Security updates happen fast, but if you are a well informed Hacker, you probably know before most company IT could implement a fix.
And there's always the possibility of human failure. Not setting the correct parameters, not getting all the upgrades in time, overlooking something or simply a co-worker surfing on the wrong site and infecting the network, creating a backdoor into the system.
As a security specialist it is you against the internet. That's pretty hard to fight to a draw, and impossible to win.
The real data leak is for people who have a patreon page (such as me) and are accepting donations, their tax info is encrypted but has been leaked and if the encryption is ever broken things such as identity fraud could become an issue.
slayerduck said:
The real data leak is for people who have a patreon page (such as me) and are accepting donations, their tax info is encrypted but has been leaked and if the encryption is ever broken things such as identity fraud could become an issue.
The real data leak is for people who have a patreon page (such as me) and are accepting donations, their tax info is encrypted but has been leaked and if the encryption is ever broken things such as identity fraud could become an issue.
You keep our data safe, don't you slayerduck?
Don't you? ;~;
