[Coco] hacker Hunt-Down Status

[Roger Taylor]

At 08:10 PM 12/2/2006, you wrote:

>Roger Taylor wrote:

> > At 02:30 PM 12/2/2006, you wrote:

> >> Roger, do you think the ID and password list was compromised? Should we

> >> change our forum passwords?

> >

> > No, the passwords are encrypted in the MySQL database, so they cannot

> > be seen.  However, you know it's a standard practice to change all of

> > your passwords periodically, so I would say Yes, do that just for 

> good safety.

>

>Also bear in mind depending on the encryption method used, if the

>database had been dumped out, it may be feasible to crack the passwords.

>

>I would say even if you don't think the data was lifted, that you should

>change your passwords as you can never be 100% sure of what an intruder

>has or has not copied.




True.  And the worst thing a hacker could do is maybe log in using 
your handle and post an offending message, but I don't think that was 
the intent then or now when the hacker broke in and deleted the 
members completely.



-- 
Roger Taylor