New ask Hacker News story: Tell HN: HN Replies Data Security Incident
Tell HN: HN Replies Data Security Incident
31 by simonpure | 2 comments on Hacker News.
Just received below email - --- Hello, Your email address used for HN Replies (hnreplies.com) notifications has likely been leaked. I was notified today that a user of this site received a spam email at an email address used solely for hnreplies.com notifications. I investigated how this could have occurred. For a period of several days earlier this year, a .git directory on the VPS hosting this site was exposed to the internet by a configuration mistake, providing enough information to allow an attacker to access the site's database. This website stores only two pieces of personal information: a username to follow, and an email address to notify of new comments for that username. This website does not require passwords, so you do not need to change any passwords. If you'd like to unsubscribe from HNReplies.com, which will permanently remove your email address from the database, you may click here: https://ift.tt/3gKFqm9 I'm sorry that this incident occurred. The configuration mistake was fixed and passwords changed. If you have any questions about this email, you can reply to this email to contact me. Kind regards, Dan Grossman Creator of hnreplies.com
31 by simonpure | 2 comments on Hacker News.
Just received below email - --- Hello, Your email address used for HN Replies (hnreplies.com) notifications has likely been leaked. I was notified today that a user of this site received a spam email at an email address used solely for hnreplies.com notifications. I investigated how this could have occurred. For a period of several days earlier this year, a .git directory on the VPS hosting this site was exposed to the internet by a configuration mistake, providing enough information to allow an attacker to access the site's database. This website stores only two pieces of personal information: a username to follow, and an email address to notify of new comments for that username. This website does not require passwords, so you do not need to change any passwords. If you'd like to unsubscribe from HNReplies.com, which will permanently remove your email address from the database, you may click here: https://ift.tt/3gKFqm9 I'm sorry that this incident occurred. The configuration mistake was fixed and passwords changed. If you have any questions about this email, you can reply to this email to contact me. Kind regards, Dan Grossman Creator of hnreplies.com
Comments
Post a Comment