Hi all,
Wanted to share an update with you all following some concerning behavior from a particular user who claimed data was being stolen and there had been a breach in the N4G profile system.
The dev team has been working tirelessly through the night and this morning to rectify any issues caused by the user, and we now believe there has not been a data breach as such, but rather a compromise in the system that allowed the individual to exploit and post update messages. Although the user was banned by Chris and the team there is a delay in closing the user active session so they were able to continue to post spam comments.
We will be looking to rectify this issue.
What have we done
We have deleted all of the offending accounts that had the ability to modify the stories - and as mentioned re-evaluating the entire security of the site to ensure this doesn't happen again. Looking forward we will be looking to implement Single Sign On which will further enhance the security measures.
It's a real shame that this sort of stuff happens, as it puts the entire community as well as the hard-working team behind the site, under huge pressure. We would ask that all of us keep an eye on the site and flag if anything is suspicious so our teams can action right away.
Your feedback is listened to
We have also had a number of concerns raised about the ads on the site. The site is supported by advertising from the community - this allows us to continue to run N4G. We have introduced N4G Rewards as ultimately we want to reduce the number of ads on site, but until this develops, the ads need to be on the site to ensure it's supported. We are hugely grateful for the loyal community that comes back each day and we're confident in our plans for 2024 that N4G will be in an even better place.
ACTION
For now, to be on the safe side and despite the fact we have resolved the issue, we would recommend changing your password for N4G. Our team is monitoring everything closely and will let you know if there is further guidance.
Once again, thank you for not only your support of the site but your vigilance against those who unfortunately want to damage and harm the thriving community that resides here.
Thank you,
Andrew and the team, BGFG
"USERJOY announces the upcoming release of "The Legend of Heroes: Trails of Cold Steel - Northern War'" Global Version, scheduled for launch on May 29th. Today, the Pre-registration is live on both the App Store and Google Play, offering exciting rewards along with introduction and promotional video. Embark on this epic adventure by joining the pre-registration today!" - USERJOY .
Yeah, I give it 8 months before they close the servers. I love Trails; in all honesty, I think it's one of the best RPG franchises and also the best when it comes to world-building. But it's not popular enough to sustain a gacha mobile game for more than a few months.
Remnant 2's The Forgotten Kingdom DLC captures everything great from the base game and pushes it to a new height.
Experience the thrill of Outcast: A New Beginning. Dive into this sequel to a forgotten classic and uncover an unforgettable gaming experience. Our Review
More communication than the Sony hack of 2011. Thanks for the work guys.
I received a PM last night from the person, and they were claiming to be a "soon to be former employee". They said their purpose was to call out BGFG's lack of proper encryption of passwords, putting all of its users at risk.
The weird thing is though, after the site went down last night, those PMs were completely scrubbed from my mailbox, as if they never existed.
They were responding to a comment I had dropped on Christopher's post about this.
I'd never hear of resetera until this hack, so it dids it job hahaha
I’m sure there are no risks but yes changing passwords is always a good idea after unexpected behaviour.
Thanks for the update 👍
There has been some goofiness with the site header covering the profile dropdown for a while now making it hard to sign in or check notifications. Looks like it may be fixed, but I won't know for sure until I need to sign in again or get a notification. What's the best way to bring up issues like this?
Also, it seems like we get signed out after 3 or 4 days without being on the site on a certain device. Is there any chance that could be extended? It wasn't really a problem before when it was just the sign in, but then captcha was added and I often have to go through multiple picture match things to get signed in and it's pretty annoying.