Sunday, 14 August 2011

Blog & test servers compromised: update

Aug 14. This is an update to the previous post.

Nickserv and Chanserv services remain unavailable and will be brought up as soon as the solution has been tested and secured. A copy of the services is being tested now.

To confirm, it must be made clear that the Mibbit Client, the Mibbit Widget and the Mibbit User databases and user logs were not compromised or accessed without authorisation. What was accessed maliciously were two servers: the blog and (a server used for testing and admin).
The following information was stolen:

* The personal information of 9 Mibbit operators including their names, accounts and e-mail addresses 
* A backup of nickserv data from [April 2011 with up to 10,000]* user nicknames and their credentials
* Two sets of backup data for one operator user account PMs and Channel logs, used for testing
*After investigations, which have taken place in parallel with work to restore services, we now confirm that the actual date of the backup nickserv data accessed was earlier, at January 2010. This backup contained approximately 6000 actual registered nicknames and credentials. The PM and Channel history information was a single limited set of that stored by one Mibbit operator for test purposes.

Mibbit has been asked whether it stores all Channel logs: it does not. Questions have also been asked whether logs of all PMs are made: no such thing is true. Mibbit does not store data without users' permission and requires a user to actively opt in on their account to log PMs and other items. Beyond this one Operator's logs, no other channel history data was accessed maliciously.

It is our policy to allow Operators and any Mibbit user to retain their PMs, provided they are not shared. The use of this Operator's logs in this way, and the subsequent access through the test server, should not have happened. As more information becomes available we will update this post with what happened and how we plan to make changes to reduce the risks in this area and make our service safer for all.

Going forward, we hope to have the services back up within a short time and a process in place for recovering any lost access.
