There was an attempted security breach against our SQL database on Sunday afternoon that caused issues with our site until the evening. This attempt was unsuccessful at retrieving any information from our systems (so all emails, passwords, etc were kept secure) but some dynamic aspects of the site were changed during this period. Because of this, I suggest all users virus-scan and spyware-scan their systems if you visited the site on Sunday. If you do not have av or spyware scanning software installed I would suggest:
http://www.free-av.com/ <-Avira AntiVir
or
http://free.grisoft.com/ww.download-avg-anti-virus-free-edition <-AVG Free Edition
for av scanning and
http://www.safer-networking.org/en/index.html <-SpyBot S&D
for spyware scanning.

To ensure that no traces of any site changes remained we have reverted to our backup from Saturday night which means all posts, pm''s, etc... made after the backup were removed.

Update: As some of you noticed. There was another breach Monday afternoon that used a different vector than the initial breach. Because we saw multiple vectors in use, we made the decision to pull down the site Monday in the early evening and have been testing and reworking the logic for all pages on the site. We have also removed some older pages that we were seeing attempts against. In order to clean up after Monday we did have to revert our user table back to a the Monday at midnight backup. This means that the users who signed on Monday were lost along with their posts and pm''s however, all posts and pm''s made by existing users were retained. Please note that we are continuing to do everything possible to ensure the integrity of this site and your security.

-BR-Tech

Edited on 5/11/2008 10:19 PM

Edited on 5/13/2008 2:19 AM

My software found and destroyed the VBS/Psyme Trojan when I tried to log in earlier today.  If your computer seems to be acting oddly since being on this site today, I'd suggest doing a search for this specific file and getting rid of it ASAP.

Deb
--------------------
Do you want to play.net?

There has been no indication that the user information area of our db was breached. That being said, if you do run a virus scan and find some of the little buggers on your machine, they could expose your passwords from your local machine. So you may want to change some passwords if you find an infection.

-BR-Tech