Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    pfsense forums data breach confirmed

    Forum Feedback
    14
    38
    1829
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mer last edited by

      I'm kind of wondering about the motivation of this thread now.
      Is it simply:
      Hey the old pfsense forum may have suffered a data breach, so you may want to be aware of any place you use that password/email combo and change it.

      That is a good thing, a heads up to everyone.

      Not sure if there is much value in posting redacted headers and such since the old forum has no way for users to change anything, all you could do is change your password on the current forum if you've used the same email/password combo.

      Just my opinion feel free to ignore as you wish.

      johnpoz 1 Reply Last reply Reply Quote 0
      • johnpoz
        johnpoz LAYER 8 Global Moderator @mer last edited by johnpoz

        @mer said in pfsense forums data breach confirmed:

        wondering about the motivation of this thread now.

        Same here - seems like the subject is meant to draw attention, get on google, etc.. When clearly there is no such evidence of any sort.... @mer have you got any spam on your unique email - oh yours doesn't look unique never mind..

        Now if we had a huge number of users saying hey I got spam xyz.. To my unique only used on this forum.. Then you might have something to talk about..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 23.01 | Lab VMs CE 2.6, 2.7

        M 1 Reply Last reply Reply Quote 1
        • dennis_s
          dennis_s Netgate last edited by

          Our IT team has been looking into a possible breach of the Netgate forums. They have found no evidence of any breach or of users' email/passwords being compromised in any way.

          All users that migrated their accounts to the new (current) forum were forced to change their password at that time, mitigating anything that may have happened prior to that.

          1 Reply Last reply Reply Quote 1
          • M
            mer @johnpoz last edited by

            @johnpoz It's not unique, and yes "I've got spam" :) At least comcast has been training their algorithms, they do a decent job of marking them as such.

            @dennis_s Thanks for the info.

            1 Reply Last reply Reply Quote 0
            • A
              Anonymous-5132 @johnpoz last edited by

              @johnpoz said in pfsense forums data breach confirmed:

              @anonymous-5132 said in pfsense forums data breach confirmed:

              "Well I haven't received spam" is not evidence. Absence of evidence is not evidence

              Its same sort of evidence that your trying to present ;)

              I've presented hard evidence in the form of server logs and email headers. You've presented absolutely nothing but your word. They are not the same in any way and any reasonable person would know that.

              What if, for sake of argument, I don't believe you? ☺ I showed you the proof that I have received spam, so you don't have to take me at my word. Show me the proof that you haven't received spam so I don't have to take you at your word. If I was paranoid I might think you're hiding something... 🤣

              I, and three other people, have presented evidence that the old pfsense forums suffered a data breach, while you've presented absolutely nothing that it hasn't. If not that, then what? What other explanation do you have that fits the evidence that has been posted so far? Present evidence, not words. Proof.

              Why are you arguing so hard against this from such a weak position? What is it to you?

              @mer said in pfsense forums data breach confirmed:

              I'm kind of wondering about the motivation of this thread now.
              Is it simply:
              Hey the old pfsense forum may have suffered a data breach, so you may want to be aware of any place you use that password/email combo and change it.

              That is a good thing, a heads up to everyone.

              Something like that. "Hey, change your passwords, start using a password manager with unique passwords for all sites, and turn on 2FA. If you used a unique email, change it and block delivery to the old address if you have the ability. Also be aware that it's possible any information you provided to the old pfsense forum and anything connected to it may be in the wild now, which may include private messages."

              Not sure if there is much value in posting redacted headers and such since the old forum has no way for users to change anything, all you could do is change your password on the current forum if you've used the same email/password combo.

              In my opinion one should present evidence when claiming a data breach, otherwise it tends to look like simple trolling. It also gives admins a reference to look at while investigating.

              @johnpoz said in pfsense forums data breach confirmed:

              When clearly there is no such evidence of any sort....

              The only ones not presenting evidence are you and the other naysayers. There's plenty of evidence. Have you looked at the other thread? Have you looked at the evidence I presented?

              Now if we had a huge number of users saying hey I got spam xyz.. To my unique only used on this forum.. Then you might have something to talk about..

              Do you know how I know you didn't read my previous post? Give it time. This thread has already attracted another confirmation, albeit without providing evidence yet. More will eventually filter in, especially if you keep keep this thread alive. 😂

              @dennis_s Thanks for the update, but this seems to be only related to the old forums. Once enough users come forward with evidence I think an official breach notification might be nice. It would also give a place to explain anything else that may have been compromised as well as listing everything that couldn't have been involved.

              I have no evidence that the Netgate forum, or any other part of the Netgate website, has been breached, nor am I claiming that. If it seemed that I was claiming that the Netgate forum has suffered a data breach that was not my intent. This is all about the old pfsense forum and any software tied in to that system at that time. We know that at least email addresses have been leaked, but so far we don't know what other data may or may not have been involved.

              tESting1

              M johnpoz 2 Replies Last reply Reply Quote 0
              • M
                mer @Anonymous-5132 last edited by

                @anonymous-5132 Thanks: I was just making sure, I was not trying to imply or assume motive to anyone

                1 Reply Last reply Reply Quote 0
                • A
                  Anonymous-5132 last edited by Anonymous-5132

                  Wow, what junk forum software. My post above isn't spam until I try to edit it to remove the duplicated word. Teach me to proofread three times... 🙄

                  ---Edit---

                  Just testing to see if all my edits are considered spam for some reason...

                  tESting1

                  1 Reply Last reply Reply Quote 0
                  • johnpoz
                    johnpoz LAYER 8 Global Moderator @Anonymous-5132 last edited by johnpoz

                    @anonymous-5132 said in pfsense forums data breach confirmed:

                    Have you looked at the other thread? Have you looked at the evidence I presented?

                    Yes - and there is no "evidence" you getting some email to some address "you" say has not been used elsewhere - or not leaked "elsewhere" or someone didn't specific add to a spam list, etc. etc.. is sure and the hell not "evidence" of a breach... When more than you come forward and say hey we all got this spam, from our only used on this forum you might have something worth talking about.

                    My "EVIDENCE" show no spam to my private address - so clearly your email address was obtained elsewhere.. Do you see how thin you accusation is?

                    getting email to the clearly unique and unknowable "pfsense" at some domain - yeah just screams their db has been compromised <rolleyes>

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 23.01 | Lab VMs CE 2.6, 2.7

                    A 1 Reply Last reply Reply Quote 0
                    • A
                      Anonymous-5132 @johnpoz last edited by

                      @johnpoz said in pfsense forums data breach confirmed:

                      @anonymous-5132 said in pfsense forums data breach confirmed:

                      Have you looked at the other thread? Have you looked at the evidence I presented?

                      Yes - and there is no "evidence" you getting some email to some address "you" say has not been used elsewhere -

                      So we're supposed to believe you at your word but not me? You who has yet to post anything but words and has given absolutely no reason whatsoever to be trusted and in fact has shown good reason not to be trusted? 🤔

                      or not leaked "elsewhere" or someone didn't specific add to a spam list, etc. etc.. is sure and the hell not "evidence" of a breach...

                      So I leaked my own email address, defeating my own system I put together to detect leaked email addresses? Or are you claiming I faked the email headers and server log lines I posted? And you think I'm the one being completely unreasonable? ROFL!

                      When more than you come forward and say hey we all got this spam, from our only used on this forum you might have something worth talking about.

                      You mean like the three other people who have posted? Did the two others who posted evidence so far fake their evidence as well?

                      My "EVIDENCE" show no spam to my private address - so clearly your email address was obtained elsewhere.. Do you see how thin you accusation is?

                      Your "evidence" is your word and absolutely nothing else. You claim that you haven't received spam, and quite frankly, I don't believe you. I, and two other people, have posted hard evidence. You have posted crazy assumptions and ignored facts.

                      getting email to the clearly unique and unknowable "pfsense" at some domain - yeah just screams their db has been compromised <rolleyes>

                      A data breach of the old pfsense forum is the simplest explanation given the facts. What else could explain multiple different people all receiving spam to an address only used in that one place? Do you honestly believe that three different people all decided to forge evidence to falsely claim that they got spam to a unique email used at a single website and then all chose the old pfsense forum out of millions of choices? Oh, but I'm the one being unreasonable. 🙄

                      One of us has posted evidence, and one of us has not. One of us has read the evidence posted by two other people, and one of us has not. The fact is the evidence posted so far supports the theory that a list of email addresses used on the old pfsense forums has been leaked. No amount of words from a clearly unreasonable person will change that.

                      tESting1

                      J 1 Reply Last reply Reply Quote 0
                      • J
                        jdeloach @Anonymous-5132 last edited by

                        @anonymous-5132

                        I think it's about time that a moderator LOCK this post as there has been no credible evidence that there has been a leak posted and lets quit feeding this troll.

                        1 Reply Last reply Reply Quote 0
                        • J
                          Joolee last edited by

                          The full (redacted) E-mail I received is:
                          https://pastebin.com/ApKP3fmG

                          kiokoman 1 Reply Last reply Reply Quote 0
                          • kiokoman
                            kiokoman LAYER 8 @Joolee last edited by johnpoz

                            let me guess !! let me guess !!
                            the email of @johnpoz johnpoz [snipped mod]
                            🙄

                            ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
                            Please do not use chat/PM to ask for help
                            we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
                            Don't forget to Upvote with the 👍 button for any post you find to be helpful.

                            johnpoz 1 Reply Last reply Reply Quote 0
                            • johnpoz
                              johnpoz LAYER 8 Global Moderator @kiokoman last edited by

                              @kiokoman no that is not private address that the forum knows about..

                              An intelligent man is sometimes forced to be drunk to spend time with his fools
                              If you get confused: Listen to the Music Play
                              Please don't Chat/PM me for help, unless mod related
                              SG-4860 23.01 | Lab VMs CE 2.6, 2.7

                              kiokoman 1 Reply Last reply Reply Quote 0
                              • kiokoman
                                kiokoman LAYER 8 @johnpoz last edited by

                                @johnpoz
                                it was here
                                https://forum.netgate.com/topic/61267/minor-issue-with-client-export-config-commands
                                maybe you should clean that also
                                I wanted to show that it is not impossible to find them
                                also
                                https://marc.info/?l=pfsense-discussion&r=1&w=2
                                it's full of information about personal emails for example

                                ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
                                Please do not use chat/PM to ask for help
                                we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
                                Don't forget to Upvote with the 👍 button for any post you find to be helpful.

                                johnpoz 1 Reply Last reply Reply Quote 1
                                • johnpoz
                                  johnpoz LAYER 8 Global Moderator @kiokoman last edited by

                                  @kiokoman thanks - from 2013, wow.. Not sure how I missed that way back then.

                                  But yeah great example..

                                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                                  If you get confused: Listen to the Music Play
                                  Please don't Chat/PM me for help, unless mod related
                                  SG-4860 23.01 | Lab VMs CE 2.6, 2.7

                                  J 1 Reply Last reply Reply Quote 0
                                  • J
                                    Joolee @johnpoz last edited by Joolee

                                    @johnpoz your email address is also exposed in your Redmine profile, in case you're wondering. You can set it to private in the settings.

                                    bingo600 johnpoz 2 Replies Last reply Reply Quote 0
                                    • bingo600
                                      bingo600 LAYER 8 @Joolee last edited by bingo600

                                      @joolee
                                      Might be nice to edit the above to just say your mail address

                                      If you find my answer useful - Please give the post a 👍 - "thumbs up"

                                      pfSense+ 22.05 (ZFS)

                                      QOTOM-Q355G4 Quad Lan.
                                      CPU  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
                                      LAN  : 4 x Intel 211, Disk  : 250G EVO870 Sata SSD

                                      1 Reply Last reply Reply Quote 0
                                      • johnpoz
                                        johnpoz LAYER 8 Global Moderator @Joolee last edited by

                                        @joolee thanks - but that is not the address tied to my forum account either.. But another great example on my part ;) showing that email can be harvested without a "breach".. ;)

                                        An intelligent man is sometimes forced to be drunk to spend time with his fools
                                        If you get confused: Listen to the Music Play
                                        Please don't Chat/PM me for help, unless mod related
                                        SG-4860 23.01 | Lab VMs CE 2.6, 2.7

                                        1 Reply Last reply Reply Quote 0
                                        • provels
                                          provels last edited by

                                          I get spam every day in my roadside mail box.
                                          Who do I see about that?

                                          Peder

                                          MAIN - pfSense+ 23.01-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD
                                          BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic)

                                          johnpoz 1 Reply Last reply Reply Quote 0
                                          • johnpoz
                                            johnpoz LAYER 8 Global Moderator @provels last edited by johnpoz

                                            @provels I would contact the Postal Service about their breach.. Since clearly that is the only explanation

                                            An intelligent man is sometimes forced to be drunk to spend time with his fools
                                            If you get confused: Listen to the Music Play
                                            Please don't Chat/PM me for help, unless mod related
                                            SG-4860 23.01 | Lab VMs CE 2.6, 2.7

                                            1 Reply Last reply Reply Quote 0
                                            • Locked by  dennis_s dennis_s 
                                            • First post
                                              Last post