Jump to content


Photo

CNC:Online: has there been a data breach?


  • Please log in to reply
10 replies to this topic

#1 Robware

Robware
  • New Members
  • 1 posts

Posted 22 October 2023 - 05:47 PM

This isn't an accusation, just a query. I hope this query finds itself in the correct location.

 

For some context: every service I sign up to gets a unique email address, helping me to keep tabs on how my data moves around.

I got an email today, for an OpenAI account verification, on the email address that I used for cnc-online.net. This suggests to me that my data has made its way outside the confines of the Revora ecosystem. Obviously, if this is the case, this has some significant ramifications under GDPR.

 

I understand this is a pretty sombre first post, but I wanted to see if anyone was aware that the data for this platform has spread elsewhere.



#2 Kroezensjtern

Kroezensjtern
  • New Members
  • 1 posts

Posted 22 October 2023 - 09:13 PM

Hello.

I use the same system. Cheers!

While i never used Revora, i came here now for the exact same reason and with the same assumption.

Everyone should at least change their password now and admin must find the source of the breach.



#3 nghinhut

nghinhut
  • New Members
  • 1 posts

Posted 23 October 2023 - 10:25 AM

Hi guys,
I got an email just now for OpenAI account verification.
My dark web monitoring tool also reports my password is leaked.
The admin should reset all user passwords to mitigate this.


#4 narrow_consist_drowse

narrow_consist_drowse
  • New Members
  • 3 posts

Posted 23 October 2023 - 06:02 PM

Same here; I got an OpenAI signup email. I posted in another thread first: https://forums.revor...online-address/



#5 golfcaddy

golfcaddy
  • New Members
  • 3 posts

Posted 23 October 2023 - 07:16 PM

Same here.  Different emails for everything... OpenAI verification on this email address.



#6 greatguygary

greatguygary
  • New Members
  • 2 posts

Posted 23 October 2023 - 10:37 PM

+1
I have an email address specifically for this service and received an OpenAI email verification ~6 hours ago.



#7 5andshark

5andshark
  • New Members
  • 2 posts

Posted 27 October 2023 - 01:40 PM

+1

 

There clearly was a leak of user email addresses.

Yet I cannot find any official statements nor am I able to get in contact trough email.

 

I already deactivated my email that was leaked, if there is no followup on this, I feel that there is no other option left other then to go trough the data protection agency.



#8 Banshee

Banshee

    One Vision, One Purpose!

  • Network Admins
  • 9,045 posts
  • Location:Rio De Janeiro, RJ, Brazil.
  • Projects:PPM, PPM: Final Dawn, OS SHP Builder, OS Palette Editor, OS W3D Viewer, VXLSE III, etc...
  •  Retired Network Leader
  • Division:Revora
  • Job:Maintenance Admin

Posted 30 October 2023 - 08:57 PM

I do not respond in the name of C&C: Online, since I am officially no part of it. But as far as we have investigated this matter here in Revora, some people did get this email, and other users of C&C: Online didn't. I did not receive such an email, neither did ToxicShock. And, regarding some of the people who received, they had their email accounts leaked by other websites, according to "have I been pwned" services. If you have a real proof that the culprit is really C&C: Online, then you should show their staff (not me) so they can try to figure it out. So far, nobody has found any problems. If they become aware of it, it is in their best interest to find out and solve the problem. C&C: Online does not sell your private data to any third party.

 

Also, I have seen email accounts/forwarders being found out by spammers regardless of the website that you use these accounts. Sometimes, your own email service may sell that information or leak them. It is also possible that it can be leaked if any of your machines get pwned.


Project Perfect Mod

Command & Conquer Mods, Mods Support, Public Researchs, Map Archives, Tutorials, Tools, A Friendly Community and much more. Check it out now!

Posted Image

#9 PurpleGaga27

PurpleGaga27

    Retired C&C Modder

  • Members
  • 2,208 posts
  • Location:Earth
  •  Media Division Top Contributer

Posted 31 October 2023 - 05:53 AM

I noticed the recent thread ads coming into this forum recently. As for me, I have to change my password anyway here as well.



#10 5andshark

5andshark
  • New Members
  • 2 posts

Posted 04 November 2023 - 12:08 PM

I do not respond in the name of C&C: Online, since I am officially no part of it. But as far as we have investigated this matter here in Revora, some people did get this email, and other users of C&C: Online didn't. I did not receive such an email, neither did ToxicShock. And, regarding some of the people who received, they had their email accounts leaked by other websites, according to "have I been pwned" services. If you have a real proof that the culprit is really C&C: Online, then you should show their staff (not me) so they can try to figure it out.

 

So far, nobody has found any problems. If they become aware of it, it is in their best interest to find out and solve the problem. C&C: Online does not sell your private data to any third party.

 

Also, I have seen email accounts/forwarders being found out by spammers regardless of the website that you use these accounts. Sometimes, your own email service may sell that information or leak them. It is also possible that it can be leaked if any of your machines get pwned.

>  If you have a real proof that the culprit is really C&C: Online, 

I use a specific email (and ofcourse password) for each service, that I never user for any other service (this is quite the hassle signing up for services, but it allows me to pin-point any leaks immidiately).

then you should show their staff (not me) so they can try to figure it out.
I am unable to get in contact with them trough email (abuse@, info@), Can you tell me how to contact them perhaps?

 

Also, I have seen email accounts/forwarders being found out by spammers regardless of the website that you use these accounts. Sometimes, your own email service may sell that information or leak them. It is also possible that it can be leaked if any of your machines get pwned.

I have my own hosting / domain / email service. other addresses have not leaked. Would also be too coincidental that several friends i played CNC with got the same email on the same day, while they all use different email services.

 



#11 Banshee

Banshee

    One Vision, One Purpose!

  • Network Admins
  • 9,045 posts
  • Location:Rio De Janeiro, RJ, Brazil.
  • Projects:PPM, PPM: Final Dawn, OS SHP Builder, OS Palette Editor, OS W3D Viewer, VXLSE III, etc...
  •  Retired Network Leader
  • Division:Revora
  • Job:Maintenance Admin

Posted 05 November 2023 - 02:26 AM

There are two ways to contact them. One is using the C&C Support forums, which narrow_consist_drowse did (as you can see in some posts above). The other is the Discord server ( https://discord.gg/7Yp3HXg ). In Discord, Cervantes has responded in gen_chat, although his response does not clarify the situation at all:

 

P0WeRZz

23/10/2023 14:55
Shouln't the news of multiple people using an email that isolated to just cnconline/revora be an indicator of something wrong? I didn't receive the signup on any of my other emails. It's exactly why I create a seperate email for every single website I sign up for. To make sure if I receive crap I'm not expecting on that one, assume all data with respective party is breached.
Cerv | SoftRam CEO

23/10/2023 15:56
this is correct if this would be indeed be isolated while adresses specifically made for our service have been affected the same thing has been reported from our services that adresses specifially for that thing have been affected as well
thats why the main concern atm is potentially a shared 3rd party program being breached but that is not the case as i can tell at this moment

Project Perfect Mod

Command & Conquer Mods, Mods Support, Public Researchs, Map Archives, Tutorials, Tools, A Friendly Community and much more. Check it out now!

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users