Shadyscott999 Posted November 26, 2014 Share Posted November 26, 2014 This makes things interesting... Link to comment Share on other sites More sharing options...
ZackJones Posted November 26, 2014 Share Posted November 26, 2014 If only that big IT upgrade project had gotten started. You know the one that Kim wrote about back in February. Not saying it would have prevented it but it might have. Link to comment Share on other sites More sharing options...
shootingchef Posted November 26, 2014 Share Posted November 26, 2014 F.A.! Link to comment Share on other sites More sharing options...
Chuck Anderson Posted November 26, 2014 Share Posted November 26, 2014 I wouldn't guarantee that your information isn't compromised just because it isn't on the list the hacker chose to make public. Not sure why it would be limited to 15K instead of everything. Safe bet is to change the password on any sites you use the same password for. Link to comment Share on other sites More sharing options...
DWFAN Posted November 26, 2014 Share Posted November 26, 2014 Just got a Downrange email with notification in it about the hack. Link to comment Share on other sites More sharing options...
dave.w223 Posted November 26, 2014 Share Posted November 26, 2014 If found, will USPSA allow us to use the hackers for movers instead of the standard metric target? Link to comment Share on other sites More sharing options...
Trent1k1 Posted November 26, 2014 Share Posted November 26, 2014 Site is backup and i was not prompted to change my password. In fact, I didnt even have to login since the session or cookies still existed in my browser. Link to comment Share on other sites More sharing options...
MarkCO Posted November 26, 2014 Share Posted November 26, 2014 Site is backup and i was not prompted to change my password. In fact, I didnt even have to login since the session or cookies still existed in my browser. Does not look like it is fixed to me. I am not entering a new PW until they can show it is fixed. All my settings for notification were changed, when I changed them back I get this. Unknown column 'password' in 'field list' Link to comment Share on other sites More sharing options...
BritinUSA Posted November 26, 2014 Share Posted November 26, 2014 Site is backup and i was not prompted to change my password. In fact, I didnt even have to login since the session or cookies still existed in my browser. NOTICE: All passwords have been reset as of 11/26/2014. If you have not set a new password please click Reset Password below. Link to comment Share on other sites More sharing options...
Iceman2733 Posted November 26, 2014 Share Posted November 26, 2014 This is beyond sad as someone with an IT background such an attack should not have taken place. Whether your email is on there tonight passwords need to be changed. I agree there is no way they stopped there, this is what they wanted people to see. What there intent was with this we dont know yet, theft does seem to be one of them. As for not requesting a new password it did request a password reset. Try clearing cookies and reopening browser. Link to comment Share on other sites More sharing options...
BritinUSA Posted November 26, 2014 Share Posted November 26, 2014 I tried the Reset Password but it did not send me an email with the link to reset. Link to comment Share on other sites More sharing options...
MarkCO Posted November 26, 2014 Share Posted November 26, 2014 This is beyond sad as someone with an IT background such an attack should not have taken place. Whether your email is on there tonight passwords need to be changed. I agree there is no way they stopped there, this is what they wanted people to see. What there intent was with this we dont know yet, theft does seem to be one of them. As for not requesting a new password it did request a password reset. Try clearing cookies and reopening browser. I did, and it still let me login with the old password and did not request a reset. I logged in and out a few times, then it finally asked for a password reset, but I have not gotten the link yet. Link to comment Share on other sites More sharing options...
Vlad Posted November 26, 2014 Share Posted November 26, 2014 Conspiracy theories are not required, btw. People hack easily compromised sites to obtain email and password combinations which then they can try against paypal, credit card and bank websites, etc. I very much doubt is the the Bloomberg army after USPSA as I've already heard suggested today. Link to comment Share on other sites More sharing options...
Nealio Posted November 26, 2014 Share Posted November 26, 2014 Conspiracy theories are not required, btw. People hack easily compromised sites to obtain email and password combinations which then they can try against paypal, credit card and bank websites, etc. And its not that hard to NOT be an "easily compromised site". sad.. Link to comment Share on other sites More sharing options...
Stan-O Posted November 26, 2014 Author Share Posted November 26, 2014 What could someone get from USPSA.? The e-mail/password combinations that can be tried at other sites -- like eBay, PayPal, personal finance, cloud storage. Basically anything which can either get hackers the actual financial information to steal from you or access to documents with such information. Or the naughty pics from your cloud storage if you're a celebrity. The database was compromised over a year ago when the Executive Director allowed third parties to access the info without a privacy agreement. While I agree both cases are equally bad, one thing is hackers gaining access to the membership database (compromised data) and another thing granting permission to the third parties for access (lack of data handling regulations). Link to comment Share on other sites More sharing options...
Steve RA Posted November 26, 2014 Share Posted November 26, 2014 I also tried the Password Reset, no E-Mail as of yet (roughly 6 hours). Link to comment Share on other sites More sharing options...
yoshidaex Posted November 26, 2014 Share Posted November 26, 2014 Did you check your spam folder? Link to comment Share on other sites More sharing options...
NewColonial Posted November 26, 2014 Share Posted November 26, 2014 The password reset email was blocked by a spamhaus blacklist. Try adding uspsa.org as a trusted sender if you can. Link to comment Share on other sites More sharing options...
RadarTech Posted November 26, 2014 Share Posted November 26, 2014 CMD=SELECT email, password, local_match_results, major_match_results, uspsa_alerts, ipsc_alias, ipsc_alias_private, prematch_press FROM pin_pw WHERE person_number="70113" Unknown column 'password' in 'field list' I got this message when I changed my password.. Link to comment Share on other sites More sharing options...
NewColonial Posted November 26, 2014 Share Posted November 26, 2014 I got that error earlier too. Just add dumping database fields to the growing list of poor security practices at USPSA. Link to comment Share on other sites More sharing options...
alma Posted November 26, 2014 Share Posted November 26, 2014 I tried the Reset Password but it did not send me an email with the link to reset. Check your junk mail. I found my password reset email in gmail Spam. Link to comment Share on other sites More sharing options...
Bkreutz Posted November 26, 2014 Share Posted November 26, 2014 I use a unique password for the USPSA site. Personally I think it would be stupid to use the same password on multiple sites. The way I see it, if someone has gotten my USPSA password, the worst they can do is post on the USPSA forum as me. (or horror of horrors, look at my classifications). The security breach doesn't affect any of my financial accounts. Link to comment Share on other sites More sharing options...
BritinUSA Posted November 26, 2014 Share Posted November 26, 2014 I tried the Reset Password but it did not send me an email with the link to reset. Check your junk mail. I found my password reset email in gmail Spam. There's nothing in my Junk mail at all. Link to comment Share on other sites More sharing options...
Adam B Posted November 26, 2014 Share Posted November 26, 2014 The level of incompetence currently at uspsa is astounding. Between this and the $144k in question will be why I am canceling my membership. Link to comment Share on other sites More sharing options...
ktm300 Posted November 26, 2014 Share Posted November 26, 2014 The level of incompetence currently at uspsa is astounding. Between this and the $144k in question will be why I am canceling my membership. The level of incompetence is created by members that don't bother to vote, don't bother to run for office, etc. The membership is directly responsible for what USPSA does, we vote the people into office, they hire the staff. This is not IDPA where you have a dictatorship. I like the game enough to try and make it better. Then again I never was someone that just gives up. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now