Results 1 to 6 of 6

Thread: Tanked security incident

  1. #1
    Administrator Seth's Avatar
    Join Date
    Jul 2002
    Location
    Japan
    Posts
    5,369

    Default Tanked security incident

    Hey guys,

    I've recently become aware (within the last 24 hours) that my secondary data center (Liquidweb) got tricked (via a phone call from an imposter) into disabling 2fa and giving out information that compromised the security of a secondary server that I use. This happened June 12th, 2018.

    While the attack seems to have been attempting to get into my email address (the attacker failed as rtsoft/email isn't hosted there at all) this server hosted one thing of value: Tanked.

    Better safe than sorry, so I'm making this announcement (you may also receive an email about this and see an announcement inside the game):

    Your Tanked data could be at risk including your IP address and if you have a TankID, your TankID email and Tanked password.

    Tanked is basically a dead game that has seen very little activity in the last few years but this could still be a problem if you use the same email/TankID/password at other places.

    If you've used your Tank password on any other game or website, you should change them at those places!

    You can change your Tanked password here.

    If you've bought something in Tanked, your payment information is safe, it isn't stored with us. Our main servers were not compromised, so these forums etc were not affected.

    Sorry about this, I've beefed up security across the board and have put additional protections in place.
    Seth A. Robinson
    Robinson Technologies

  2. #2
    Master Sorcerer JOSHIE63's Avatar
    Join Date
    Jan 2014
    Location
    Pennsylvania
    Posts
    4,488

    Default



    I am not super tech savvy, but when I tried to change my password, this was displayed after I entered my new password.

    What does this mean?
    I AM THE GREAT OHLID

  3. #3
    Master Sorcerer Kranken's Avatar
    Join Date
    Feb 2014
    Location
    Stranger Danger :^)
    Posts
    3,458

    Default

    weird how such a thing could occur at all, can't you take any legal actions against the impersonator?
    [COLOR=Kranken][/COLOR]




    Click on the spoiler to show how many damn's I got. By clicking there, you'll give me a damn.


    Get free levels in GETFREELEVELS.

  4. #4

    Default

    Quote Originally Posted by JOSHIE63 View Post


    I am not super tech savvy, but when I tried to change my password, this was displayed after I entered my new password.

    What does this mean?
    Ayyy, me too. I tried resetting my password a bunch but kept getting told my password was too long. Looks like 10chars might be the limit (Because that's when it switches from the too long to the error. Weird, though, because my current password is longer than 10chars). Kept hitting the back button and just resubmitting because the web interface is pretty gross and that's just about all you can do. Nothing seems to work, but I did play around with a bunch of possible password combinations for a while. Turns out the minimum is also 3chars. 3-10chars, no special chars as far as I can tell, probably case insensitive like Growtopia as well. Welp...

  5. #5
    Administrator Seth's Avatar
    Join Date
    Jul 2002
    Location
    Japan
    Posts
    5,369

    Default

    Oops, I fixed the password change form, also raised the max pass to 12. I think the WebOS client on the smallest screen size may have had trouble entering long passwords, can't remember. WebOS is very dead so I don't think that's an issue anymore.
    Seth A. Robinson
    Robinson Technologies

  6. #6

    Default

    Quote Originally Posted by Seth View Post
    Oops, I fixed the password change form, also raised the max pass to 12. I think the WebOS client on the smallest screen size may have had trouble entering long passwords, can't remember. WebOS is very dead so I don't think that's an issue anymore.
    Can you give us a date on the closing of the online portion? Also, if possible can you release the usernames of players whose passwords might have been taken.
    Thanks
    Go here
    http://www.rtsoft.com/forums/member.php?91961-playerde

    Make my main the most visited banned person!!! PLz

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •