Forum - View topicNEWS: Report: 2.5 Million Funimation Accounts Compromised in Data Breach
Goto page Previous 1, 2, 3, 4 Note: this is the discussion thread for this article |
Author | Message | |||
---|---|---|---|---|
Blanchimont
Posts: 3453 Location: Finland |
|
|||
So they DID know about it. But didn't disclose the breach to users. Only asked one month back to change passwords(according to comments in this thread). How many facepalms can you count?... Luckily I don't have a Funi account, due to being in the wrong region. This reminds me it's high time to change my CR password once again, just in case... |
||||
Shiroi Hane
Encyclopedia Editor
Posts: 7580 Location: Wales |
|
|||
I can confirm it does not affect the UK service (which initially had a completely separate userbase) since I registered there with a different email address to the two I have registered on the US site (both of which were affected).
Could be worse; when MVM's store was hacked I had fraudulent payments on two different cards (and they've never acknowledged the breach). I've been using Paypal exclusively there since. |
||||
myamine
Posts: 6 |
|
|||
I dont know if they knew before my email, but once they got my email they should have at least force reset everyones password but till this day, I've never gotten an email telling me about the breach or pw reset. |
||||
ペンネーム
Posts: 8 |
|
|||
Things just got worse:
https://bugs.chromium.org/p/project-zero/issues/detail?id=1139 Sites using cloudflare, like Anime News Network, Crunchyroll and millions more, have been "bleeding" PII including usernames and passwords. Congratulations! Your passwords and usernames are not safe here because they used a terrible product to try to protect from DDoS instead of investing in good technology and superior solutions. |
||||
Suena
Posts: 289 |
|
|||
This is why I give out a fake birthdate to most websites. All they really need is to know that I'm over 18 anyway. I also only ever used my Paypal account to purchase from them, which I have to log in to independently, so there's little risk of them swiping my payment info.
I was prompted to change my Funi password the last time I logged in (a month or so ago). I hadn't logged into the site in several months at the time. |
||||
leafy sea dragon
Posts: 7163 Location: Another Kingdom |
|
|||
Heh, my aunt does that, but for an entirely different reason than security: She hasn't quite grasped the concept of digital passwords, so she uses the "Forgot password?" link every time she wants to log in to something, then uses the new password given out on the e-mail.
Besides the fact that no one deserves to have their data compromised, is there something even better than streaming that has since come out that we alldon't know about? |
||||
yuna49
Posts: 3804 |
|
|||
Were the passwords in plain-text, or were they encrypted? |
||||
yuna49
Posts: 3804 |
|
|||
Let's calm down a bit first, okay? A particular set of circumstances had to exist for the exposure to occur.
https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/ So whether the use of Cloudflare by ANN or Crunchyroll leaked information is completely unknown, but pretty unlikely. Funimation's behavior, on the other hand, is entirely despicable and could be, as Mark Gosdin suggests, in violation of some states' laws on consumer privacy. I use unique email addresses at every site I have an account on (one of the benefits of owning a domain) and haven't seen any fallout from this breach yet. |
||||
maxwell3094
Posts: 148 |
|
|||
Its unlikely but the Cloudflare bug has been happening for a few months now and a lot of sites use it so its possible some people had their info for ANN leaked. Best to update your password here (and on any other site you use that uses Cloudflare) just to be on the safe side in the off chance that your password got leaked.
Though its worth noting that the earliest the Cloudflare bug started was in September and the article says Funi's breach happened last July so it was apparently totally unrelated and doesn't change that Funi are still total scum bags for not warning their users. |
||||
Kadmos1
Posts: 13558 Location: In Phoenix but has an 85308 ZIP |
|
|||
Their old motto of "You should be watching" is somewhat ironic now.
|
||||
All times are GMT - 5 Hours |
||
|
Powered by phpBB © 2001, 2005 phpBB Group