DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Details of Data Breach at MrExcel.com

Posted on January 16, 2017 by Dissent

Seen at MrExcel.com, a breach disclosure with some plain English writing and transparency. Although it’s not good if the hack occurred because vBulletin hadn’t been patched/updated, this disclosure is an example of clear and helpful writing. 

1) What happened?
This is Bill Jelen from MrExcel.com. On the morning of December 6, 2016, our moderators detected a hack in progress at the MrExcel forum. We quickly acted to shut the forum down, removed the user, and restored from the previous day’s backup. At the time, we had no reason to believe that the hack had compromised any user data. However, on or about January 8, 2017, we became aware of evidence suggesting that some user information had been acquired in the December 5 hack and had been posted online.

2) What Information Was Involved?
The hacker accessed and posted userid, e-mail address, and the encrypted password in the form of hash+salt. A hacker with a fast computer can test a billion passwords an hour and stands a 25% chance of breaking the password. The hacker also accessed and posted information from administrative fields showing your last login, number of posts and similar non-personally identifiable information. If you had an account at the MrExcel Message Board on or before December 6, 2016, you are affected.

3) What We Are Doing?
We previously scanned for malicious code and restored from a backup to remove any lingering effects from the hack. Additionally, we continue to update and patch the website software from vBulletin and we are converting the website to use a Secure Socket Layer.

4) What Can You Do?
We are requiring all users you to promptly change your password at MrExcel.com and encourage you to take other steps appropriate to protect this online account. We also encourage you to change your password and take steps to protect any other online accounts where you have used the same password with your username or email address for MrExcel.com. You are are further encouraged to maintain different passwords for MrExcel.com and for any other online account that connects to the same email address or password.

During the investigation of this incident, you can search also for your e-mail address at leakedsource.comto find a list of data breaches involving your e-mail address.

I deeply regret this incident occurred and I apologize.

5) For More Information
Contact Bill Jelen – [email protected]

Date of Notice: January 14, 2017.

Update: Frequent Questions:
Q: What is the longest password we can use?
A: 50 characters, a mix of letters, numbers, and symbols

Q: How can I delete my account?
A: Write to the e-mail address [email protected] and I will gladly remove you.

Q: How do I know this is not a clever Phishing scam?
A: When you are signed in on the board, you will see our notice. I’ve also been posting notices that this is not a hoax on Facebook and Twitter. See the Twitter notice here: https://twitter.com/MrExcel/status/820641834670104576

Q: Some members have their date of birth displayed. How can I delete mine?
A: Annoyingly, once the date of birth is entered, it does not seem to be removable. Please set it to a generic Jan 1, 1917 date. (Making sure you appear older than 13 to avoid COPPA issues).

Q: I also have an account at your MrExcel store. Was that data compromised?
A: No. 

Q: You just sent me an e-mail to [email protected] but when I try to sign in with that very same e-mail, it says I don’t have an account!
A: In most of these cases, I am finding the actual address in the forum is [email protected] and someone in I.T. has cleverly designed an e-mail forwarding recipe to send those e-mails to the new corporate name. If you can’t figure it out, send me a note to [email protected] and I will do a wildcard search to try to find you.

Category: Business SectorHackU.S.

Post navigation

← No payoff for hackers, Arkansas school district says
Zimbabwe computer hacker takes $70k from OK Zim →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.