Nvidia Forums and Devzone Compromised


Recommended Posts

Just saw this on their facebook page as well as on their site linked below

Attention NVIDIA Forum and DevZone Users: We recently discovered that unauthorized third parties gained access to some user information. We continue to investigate this matter and are working to restore these sites as soon as possible. Please visit http://forums.nvidia.com/ andhttp://developer.nvidia.com/ for the latest status updates and guidance.

Source: http://www.nvidia.com/content/forums/index.html

Link to comment
Share on other sites

That's why nvidia forum was not opening since many days..

Link to comment
Share on other sites

They use the smae software as this forum as welll which is Invision Power Services IP.Board or IPB.

Link to comment
Share on other sites

They use the smae software as this forum as welll which is Invision Power Services IP.Board or IPB.

They never updated from the 2.x version is probably why.

Link to comment
Share on other sites

the hell??? yah think they'd be on top of that.... and be surely able to afford to upgrade.... wow... not unless some clingy ****** didn't want to upgrade becuase of some changes IPS made.... I hope not!!!!

Link to comment
Share on other sites

Another forum I visit that also uses IPB (overclock3d.net) got hacked a whole bunch of times with code inserted in to their Index.php - They have switched to VBulletin as their board and the attacks have stopped. They were using the latest up to date version of IPB..

Link to comment
Share on other sites

Glad I now use a different password for every online account i have, i probably should change my Nvidia forums pass, however i dont care enough about it to. I signed up to ask something 4/5 years ago and never used the forums again.

Dear NVIDIA Forum User,

We suspended operations of the NVIDIA Forums last week in response to suspicious activity and immediately began an investigation. We apologize that our continuing investigation is taking this long. Know that we are working around the clock to ensure that secure operations can be restored.

Our investigation has identified that unauthorized third parties gained access to some user information, including:

? username

? email address

? hashed passwords with random salt value

? public-facing ?About Me? profile information

NVIDIA did not store any passwords in clear text. ?About Me? optional profiles could include a user?s title, age, birthdate, gender, location, interests, email and website URL ? all of which was already publicly accessible.

NVIDIA is continuing to investigate this matter and is working to restore the Forums as soon as possible. We are employing additional security measures to minimize the impact of future attacks.

All user passwords for our Forums will be reset when the system comes back online. At that time, an email with a temporary password, along with instructions on how to change it, will be sent to your registered email address.

As a precautionary measure, we strongly recommend that you change any identical passwords that you may be using elsewhere.

NVIDIA does not request sensitive information by email. Do not provide personal, financial or sensitive information (including new passwords) in response to any email purporting to be sent by an NVIDIA employee or representative.

Check back on the NVIDIA Forums for updates.

Link to comment
Share on other sites

By cloud, you mean "internet" correct?

Yep. Internet isn't permanent, it's transient. Like farting clouds :-D

Link to comment
Share on other sites

This topic is now closed to further replies.