{"id":18618,"date":"2026-03-24T18:19:44","date_gmt":"2026-03-24T18:19:44","guid":{"rendered":"https:\/\/cryptoted.net\/index.php\/2026\/03\/24\/security-alert-12-19-2016-ethereum-org-forums-database-compromised\/"},"modified":"2026-03-24T18:19:44","modified_gmt":"2026-03-24T18:19:44","slug":"security-alert-12-19-2016-ethereum-org-forums-database-compromised","status":"publish","type":"post","link":"https:\/\/cryptoted.net\/index.php\/2026\/03\/24\/security-alert-12-19-2016-ethereum-org-forums-database-compromised\/","title":{"rendered":"Security alert [12\/19\/2016]: Ethereum.org Forums Database Compromised"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div id=\"\">\n<p class=\"chakra-text css-gi02ar\">On December 16, we were made aware that someone had recently gained unauthorized access to a database from <a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-vezwxf\" href=\"http:\/\/forum.ethereum.org\/\">forum.ethereum.org<\/a>. We immediately launched a thorough investigation to determine the origin, nature, and scope of this incident. Here is what we know:<\/p>\n<ul role=\"list\" class=\"css-1ars4k6\">\n<li class=\"css-0\">The information that was recently accessed is a database backup from April 2016 and contained information about 16.5k forum users.<\/li>\n<li class=\"css-0\">The leaked information includes\n<ul role=\"list\" class=\"css-1ars4k6\">\n<li class=\"css-0\">Messages, both public and private<\/li>\n<li class=\"css-0\">IP-addresses<\/li>\n<li class=\"css-0\">Username and email addresses<\/li>\n<li class=\"css-0\">Profile information<\/li>\n<li class=\"css-0\">Hashed passwords\n<ul role=\"list\" class=\"css-1ars4k6\">\n<li class=\"css-0\">~13k bcrypt hashes (salted)<\/li>\n<li class=\"css-0\">~1.5k WordPress-hashes (salted)<\/li>\n<li class=\"css-0\">~2k accounts without passwords (used federated login)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li class=\"css-0\">The attacker self-disclosed that they are the same person\/persons who <a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-vezwxf\" href=\"http:\/\/www.coindesk.com\/hackers-stole-300k-blockchain-investor\/\">recently hacked Bo Shen<\/a>.<\/li>\n<li class=\"css-0\"><span style=\"font-weight:400\">The attacker used social engineering to gain access to a mobile phone number that allowed them to gain access to other accounts, one of which had access to an old database backup from the forum.<\/span><\/li>\n<\/ul>\n<p>We are taking the following steps:<\/p>\n<ul role=\"list\" class=\"css-1ars4k6\">\n<li class=\"css-0\">Forum users whose information may have been compromised by the leak will be receiving an email with additional information.<\/li>\n<li class=\"css-0\">We have closed the unauthorized access points involved in the leak.<\/li>\n<li class=\"css-0\">We are enforcing stricter security guidelines internally such as removing the recovery phone numbers from accounts and using encryption for sensitive data.<\/li>\n<li class=\"css-0\">We are providing\u00a0the email addresses that we believe were leaked to <a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-vezwxf\" href=\"https:\/\/haveibeenpwned.com\">https:\/\/haveibeenpwned.com<\/a>, a service that helps communicate with affected users.<\/li>\n<li class=\"css-0\">We are resetting all forum passwords, effective immediately.<\/li>\n<\/ul>\n<p>If you were affected by the attack we recommend you do the following:<\/p>\n<ul role=\"list\" class=\"css-1ars4k6\">\n<li class=\"css-0\">Ensure that your passwords are not reused between services.\u00a0If you have reused your forum.ethereum.org password elsewhere, change it in those places.<\/li>\n<\/ul>\n<p>Additionally, we recommend <a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-vezwxf\" href=\"http:\/\/blog.kraken.com\/post\/153209105847\/security-advisory-mobile-phones\">this excellent blog post by Kraken<\/a> that provides useful information about how to protect against these types of attacks.<\/p>\n<p class=\"chakra-text css-gi02ar\">We deeply regret that this incident occurred and are working diligently internally, as well as with external partners to address the incident.<\/p>\n<p class=\"chakra-text css-gi02ar\">Questions can be directed to <a class=\"chakra-link css-vezwxf\" href=\"https:\/\/blog.ethereum.org\/en\/2016\/12\/19\/mailto:security@ethereum.org\">security@ethereum.org<\/a>.<\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/blog.ethereum.org\/en\/2016\/12\/19\/security-alert-12192016-ethereum-org-forums-database-compromised\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>On December 16, we were made aware that someone had recently gained unauthorized access to a database from forum.ethereum.org. We immediately launched a thorough investigation to determine the origin, nature, and scope of this incident. Here is what we know: The information that was recently accessed is a database backup from April 2016 and contained [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":18498,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[24],"tags":[],"kronos_expire_date":[],"class_list":["post-18618","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ethereum"],"_links":{"self":[{"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/posts\/18618","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/comments?post=18618"}],"version-history":[{"count":0,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/posts\/18618\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/media\/18498"}],"wp:attachment":[{"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/media?parent=18618"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/categories?post=18618"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/tags?post=18618"},{"taxonomy":"kronos_expire_date","embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/kronos_expire_date?post=18618"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}