login   |    register
User Support
This forum deals with technical issues, email problems or other support related issues.
Has Armorama been hacked?
TankTalk
Visit this Community
Canada
Joined: December 02, 2013
KitMaker: 38 posts
P47 Heaven: 0 posts
Posted: Sunday, February 10, 2019 - 12:05 PM UTC
I just got one of those slimy blackmail emails and the sender knew my Armorama password!! I've since changed it, but if they've hacked the site there should be more....
Namabiiru
Staff MemberAssociate Editor
MODEL SHIPWRIGHTS
#399
Visit this Community
Rhode Island, United States
Joined: March 05, 2014
KitMaker: 2,877 posts
P47 Heaven: 0 posts
Posted: Sunday, February 10, 2019 - 12:19 PM UTC
That's a pretty common scam spam right now, and not unique to Armorama. It's not so much the site has been hacked, but the perpetrators have gotten their hands on old (not current) user lists. I've gotten a ton of those emails. Not one of them has a password for any account I'm particularly concerned about. If someone wants to hijack my KMN account, I'll be sad, but it won't be the end of the world.

TankTalk
Visit this Community
Canada
Joined: December 02, 2013
KitMaker: 38 posts
P47 Heaven: 0 posts
Posted: Monday, February 11, 2019 - 03:52 AM UTC

Quoted Text

It's not so much the site has been hacked, but the perpetrators have gotten their hands on old (not current) user lists.[ ]



I'm a bit confused as to what form a user list is found and how it is obtained in the public domain containing my current password? Of course this isn't a critical site like banking, but Kit Maker Network is a very large platform. Just googling about this scam, it seems sites with weak security are vulnerable.
CMOT
Staff MemberEditor-in-Chief
ARMORAMA
Visit this Community
England - South West, United Kingdom
Joined: May 14, 2006
KitMaker: 10,951 posts
P47 Heaven: 0 posts
Posted: Monday, February 11, 2019 - 06:42 AM UTC
Dean your password is encrypted on the site and so even a hack does not give that information. What they do get is a list of encrypted passwords that are then cracked as most people use words and dates that a system can figure out, Using random figures, symbols and upper and lower case letters will usually protect you against this issue, but nothing is 100% secure.
TankTalk
Visit this Community
Canada
Joined: December 02, 2013
KitMaker: 38 posts
P47 Heaven: 0 posts
Posted: Monday, February 11, 2019 - 12:36 PM UTC
Fascinating. My MacOS has a password generator that would give such randomness. Of course I won't be able to remember them
CMOT
Staff MemberEditor-in-Chief
ARMORAMA
Visit this Community
England - South West, United Kingdom
Joined: May 14, 2006
KitMaker: 10,951 posts
P47 Heaven: 0 posts
Posted: Monday, February 11, 2019 - 11:11 PM UTC
All I can say then Dean is that they are a pain the the A R S E
RobinNilsson
Staff MemberTOS Moderator
KITMAKER NETWORK
Visit this Community
Stockholm, Sweden
Joined: November 29, 2006
KitMaker: 6,657 posts
P47 Heaven: 0 posts
Posted: Tuesday, February 12, 2019 - 01:27 AM UTC
My password is really simple,
it is:
***************

lahi
Visit this Community
Aarhus, Denmark
Joined: August 04, 2006
KitMaker: 1 posts
P47 Heaven: 0 posts
Posted: Monday, March 30, 2020 - 11:44 AM UTC
Hi. I just found this thread. Recently, I have been receiving spam from NetFlix - apparantly someone has used my email address to try to create an account at NetFlix. As the mail address used is one I used specifically for this account at kitmaker.net (quite a while ago, frankly I had forgotten about it), it must definitely have leaked from here. (An address of the form [email protected])

As I can read from above, apparantly user data has been leaked from kitmaker.net in the past. I suppose that is how it happened. I don't recall seeing any message about this? Even if passwords are not compromised, the leakage of email adresses is bad enough.
Helly8800DK
Visit this Community
Denmark
Joined: June 14, 2010
KitMaker: 1 posts
P47 Heaven: 0 posts
Posted: Tuesday, June 30, 2020 - 09:08 AM UTC

Quoted Text

Hi. I just found this thread. Recently, I have been receiving spam from NetFlix - apparantly someone has used my email address to try to create an account at NetFlix. As the mail address used is one I used specifically for this account at kitmaker.net (quite a while ago, frankly I had forgotten about it), it must definitely have leaked from here. (An address of the form [email protected])

As I can read from above, apparantly user data has been leaked from kitmaker.net in the past. I suppose that is how it happened. I don't recall seeing any message about this? Even if passwords are not compromised, the leakage of email adresses is bad enough.



It's still a problem! I have done the same thing as you. My email adress to this site is the only site where I use it [email protected]_domainname. and they know my password as well. It was in the mail I got...
So don't leave a phone numer or an adress in your account profile...
brekinapez
Visit this Community
Georgia, United States
Joined: July 26, 2013
KitMaker: 2,268 posts
P47 Heaven: 0 posts
Posted: Tuesday, June 30, 2020 - 11:59 AM UTC
Try this site to check all the email addresses you use and see how many are compromised.

https://haveibeenpwned.com/

The results may surprise/dishearten you.