Dear Nuffnanger,
Hope this email finds you
well! We'd like to ask if you could please spend a few minutes of your
time on this very important community announcement.
Yesterday
evening on Friday (22nd July), we discovered an illegal and
unauthorised intrusion into our network, which was the latest in a
series of hacking incidents by a group of individuals who also claim to
have targeted Streamyx, CIMB, TV3 and the several other local websites
previously. In our case, the hackers claimed to have downloaded a
portion of our blogger account information and published the emails of
some 30,000 Nuffnang accounts.
The breach has since been fixed, and we’d like to address a few key concerns that you may have.
1. Your password is safe.
As
part of the existing security measures, all user passwords in our
database have always been protected with one-way encryption.
Nevertheless, we still encourage you to change your password (especially
if you use the same password for other sites) as a precautionary
measure in case the hackers are able to get past the encryption.
2. Blog earnings and payment records are not affected.
Current earnings and payment history for all users are safe and were not compromised in any way.
3. Loading of blogs serving Nuffnang ads is not affected.
At
1.00 am last night, our Tech team took down the website for maintenance
and for a few hours, ads were not served. This morning though,
everything is up and running again and back to normal. All blogs serving
Nuffnang ads loaded as usual and were not affected by the breach.
This
security lapse is an isolated incident, as the security of our sites
has always been and always will be our utmost priority. It has however
opened our eyes on some vulnerabilities we had on our website. In
response to that, we will be taking measures to further heighten the
security of the Nuffnang framework because from what we understand, that
was after all the motivation of the hackers – not to cause any
permanent damage, but to highlight vulnerabilities in a system.
To
the Nuffnangers who made many attempts to alert us once word got out
that the Nuffnang site was hacked, we cannot begin to thank you enough.
To
the wonderful Nuffnang community, thank you for standing by us in this
time of crisis. Your patience and support is something we are thankful
for and will never take for granted. We apologize for any inconvenience
caused, and for not being able to prevent this breach. We have put
dedicated staff to work on this matter, therefore to address any
concerns or questions you may have about this incident, please write in
to us at security@nuffnang.com.
Thank you.
Sincerely,
The Nuffnang Team