Leaderboard

Pen names restored, took a few hours since there are a ton of members. if they aren’t current feel free to edit them. The attack didn’t get far, only managing to change pen names, user sensitive data is all encrypted so don’t have to worry about it..

manta is working on fixing the user names as we speak...

I’m aware of that, as is our coder. i do believe it was a failed exploit, but, not sure yet. Still digging into this.

It’s actually as everyone was thinking, a benign place holder and easily fixed. Kind of a carryover from the very old stuff.

75% done. Haha!

Great you have back up you can use to fix the problem. As a fellow systemdeveloper...unless some of crew know they made the wrong SQL and are responsible for the problem I suggest this might be a good time to verify that you have a full set of backups that is independent from normal backups and preferably off line. If somebody tried to hack AFF, and caused the problem to happen through an exploit, there might we worse data loss that could happen. Additionally, no matter if this really was an failed attack I would suggest that using a supported version of PHP is really important. I don’t know what PHP version is used here, but many sites uses outdated PHP with many security holes. Checking OWASP Cheat sheet for PHP is also a really good idea because there are lots of things in PHP that available by default but not always needed. Getting rid things that are not needed increases the security a lot.