4chan Blog

The DevBlog, reborn.

Concerning a recent intrusion

Last week we were made aware of a software vulnerability that allowed an intruder access to administrative functions and information from one of our databases. The intruder later stated their motive was to expose the posting habits of a specific user they disliked.

After careful review, we believe the intrusion was limited to imageboard moderation panels, our reports queue, and some tables in our backend database. Due to the way the intruder extracted information from the database, we have detailed logs of what was accessed. The logs indicate that primarily moderator account names and credentials were targeted.

Three 4chan Pass users had their Pass credentials accessed, and were notified and offered refunds and lifetime Passes shortly after the discovery. As a reminder, all payment information is processed securely by Stripe—we never see nor store any of it, and thus no payment information was compromised.

We patched the vulnerability quickly after it came to our attention, and have spent—and will continue to spend—dozens of hours poring over our software and systems to help mitigate and prevent future intrusions.

We’re sorry it happened, and will do our best to ensure it doesn’t happen again.

—moot

Notes
  1. me-myself-and-the-moon reblogged this from 4chan
  2. thrillboswaggins reblogged this from 4chan and added:
    THIS IS THE FOURTH FUCKING TIME THIS EXACT POST HAS BEEN RECOMMENDED TO ME WHAT THE FUCK ARE YOU TRYING TO TELL ME MOOT...
  3. joshmanzors reblogged this from 4chan and added:
    thanks mootles moot is olev
  4. lostmarshal reblogged this from 4chan and added:
    moot got reckt by some Australian hacker.
  5. sayer93 reblogged this from 4chan
  6. datstream reblogged this from 4chan
  7. mrplinkett reblogged this from 4chan
  8. homeschooltrackstar reblogged this from 4chan
  9. comunapresencia reblogged this from 4chan