Nvidia Forums and Devzone Compromised

[Manarift]

Just saw this on their facebook page as well as on their site linked below

Attention NVIDIA Forum and DevZone Users: We recently discovered that unauthorized third parties gained access to some user information. We continue to investigate this matter and are working to restore these sites as soon as possible. Please visit http://forums.nvidia.com/ andhttp://developer.nvidia.com/ for the latest status updates and guidance.

Source: http://www.nvidia.com/content/forums/index.html

[+Zlip792 MVC]

That's why nvidia forum was not opening since many days..

[remixedcat]

They use the smae software as this forum as welll which is Invision Power Services IP.Board or IPB.

[Manarift]

They use the smae software as this forum as welll which is Invision Power Services IP.Board or IPB.

They never updated from the 2.x version is probably why.

[remixedcat]

the hell??? yah think they'd be on top of that.... and be surely able to afford to upgrade.... wow... not unless some clingy ****** didn't want to upgrade becuase of some changes IPS made.... I hope not!!!!

[Mr. Gibs]

They never updated from the 2.x version is probably why.

Community Forum Software by IP.Board 3.3.4

[Manarift]

Community Forum Software by IP.Board 3.3.4

they probably updated to the latest after the issue happened

[Vice]

Another forum I visit that also uses IPB (overclock3d.net) got hacked a whole bunch of times with code inserted in to their Index.php - They have switched to VBulletin as their board and the attacks have stopped. They were using the latest up to date version of IPB..

[Detection]

lol I just deleted an email that appeared in my junk folder saying Nvidia forums hacked, just assumed it was spam

[+InsaneNutter MVC]

Glad I now use a different password for every online account i have, i probably should change my Nvidia forums pass, however i dont care enough about it to. I signed up to ask something 4/5 years ago and never used the forums again.

Dear NVIDIA Forum User,

We suspended operations of the NVIDIA Forums last week in response to suspicious activity and immediately began an investigation. We apologize that our continuing investigation is taking this long. Know that we are working around the clock to ensure that secure operations can be restored.

Our investigation has identified that unauthorized third parties gained access to some user information, including:

? username

? email address

? hashed passwords with random salt value

? public-facing ?About Me? profile information

NVIDIA did not store any passwords in clear text. ?About Me? optional profiles could include a user?s title, age, birthdate, gender, location, interests, email and website URL ? all of which was already publicly accessible.

NVIDIA is continuing to investigate this matter and is working to restore the Forums as soon as possible. We are employing additional security measures to minimize the impact of future attacks.

All user passwords for our Forums will be reset when the system comes back online. At that time, an email with a temporary password, along with instructions on how to change it, will be sent to your registered email address.

As a precautionary measure, we strongly recommend that you change any identical passwords that you may be using elsewhere.

NVIDIA does not request sensitive information by email. Do not provide personal, financial or sensitive information (including new passwords) in response to any email purporting to be sent by an NVIDIA employee or representative.

Check back on the NVIDIA Forums for updates.

[The King of GnG]

The cloud. It stinks....

[firey]

The cloud. It stinks....

Yep, sounds like a fart alright.

[xendrome]

The cloud. It stinks....

By cloud, you mean "internet" correct?

[The King of GnG]

By cloud, you mean "internet" correct?

Yep. Internet isn't permanent, it's transient. Like farting clouds :-D