CAG Defacing/Hacking News & Updates

CheapyD · Jan 18, 2016

Sorry for the inconvenience this has caused. We are taking steps to make sure our data is as secure as possible.

1) Your passwords are combined with a random set of characters and then hashed to create a unique fingerprint, and only this is stored in our database. This is impossible to reverse engineer, so if you use your CAG password on other sites, they would not be compromised.

2) While we don't have any evidence that any data has been taken, we can't rule out that it wasn't taken. This means your email address and your username might have been taken.

3) A required password change will be incoming. We need to regenerate new salts (the random strings used to make a hash more unique) and that screws up the stored passwords.

More information soon. Thanks for your patience.

Big thanks to John for getting us back up fast.

captaintek3304 · Jan 18, 2016

I bet anyone $10 that Shipwreck finds a way to blame it on Sony.

keithp · Jan 18, 2016

I hope he was caught.

RoytheRobot · Jan 18, 2016

CAH: Cheap Ass Hacker

Ryuukishi · Jan 18, 2016

Date night is saved!

Ferrari Racer · Jan 18, 2016

Must have been a Slickdeals user....kidding

Sorry about what you had to deal with CheapyD and the rest of the staff. Thanks for keeping us updated.

Olengie · Jan 18, 2016

Finally back.

Despite knowing it was hacked, I kept clicking on my bookmark out of habit.

ToadKirby · Jan 18, 2016

Good luck on the cleanup Cheapy. Sad to see this happen, but happy the site is back.

mvpcrossxover · Jan 18, 2016

but the child molester is still on the loose

Olengie · Jan 18, 2016

I already changed my password Cheapy.

Jackovasaurus · Jan 18, 2016

Thanks for the update cheapy. You're on this shit.

MethodManFTW · Jan 18, 2016

Defacing? Lol, wtf happened?

Outrager · Jan 18, 2016

Phew... Good thing I use 1Password.

Nick51705 · Jan 18, 2016

Thank you for all your hard work in getting the site back as quickly as possible!

If it's impossible to reverse engineer the password, then why the mandatory password change?

CheapyD · Jan 18, 2016

ToadKirby said:
Good luck on the cleanup Cheapy. Sad to see this happen, but happy the site is back.

I only had mild panic attacks. John is doing the actual heavy lifting. If only we could channel the energy of a good panic attack!

Z-Saber · Jan 18, 2016

Precaution.

latin trident · Jan 18, 2016

While the site was down, Fire Emblem Fates Special Edition came back in stock at Best Buy! Glad you guys are back up! And I'm kidding about Fire Emblem. Sorry, couldn't resist

Macka1080 · Jan 18, 2016

Thanks for the update Cheapy! All the best in handling whatever crap that idiot threw your way.

whoknows · Jan 18, 2016

Darn. Forced password change takes away the convenience of having both my username and password be whoknows.

phantomphoenix · Jan 18, 2016

They were very philosophical asking questions like "Why are you here?" Makes you think, why are any of us here, really...?

CheapyD · Jan 18, 2016

Nick51705 said:
Thank you for all your hard work in getting the site back as quickly as possible!

If it's impossible to reverse engineer the password, then why the mandatory password change?

We need to regenerate new salts (the random strings used to make a hash more unique) and that screws up the stored passwords.

TacoSpartan177 · Jan 18, 2016

I was worried about what happen soon as I seen it.'

I'm glad the site is backup pretty fast.

phantomphoenix said:
They were very philosophical asking questions like "Why are you here?" Makes you think, why are any of us here, really...?

To get cheap deals and run away with it!

Beatles93 · Jan 18, 2016

I just need to know is wombat okay!? Please tell me we got him to a safe bunker under the city!

neocisco · Jan 18, 2016

I'm not changing my password. That would mean that the terrorists have won.

Thatguy1513 · Jan 18, 2016

Hooray! Now I can go back to spending 90% of my day reading this site!

kanamit · Jan 18, 2016

CheapyD said:
We need to regenerate new salts (the random strings used to make a hash more unique) and that screws up the stored passwords.

I think I've listened to enough of your podcasts to know that this is the type of thing that gets a snarky comment from you guys.

Squarehard · Jan 18, 2016

I'm an Angry Ass Gamer.

What the hell no life hacker?!

Dead of Knight · Jan 18, 2016

CheapyD said:
Sorry for the inconvenience this has caused. We are taking steps to make sure our data is as secure as possible.

1) Your passwords are combined with a random set of characters and then hashed to create a unique fingerprint, and only this is stored in our database. This is impossible to reverse engineer, so if you use your CAG password on other sites, they would not be compromised.

2) While we don't have any evidence that any data has been taken, we can't rule out that it wasn't taken. This means your email address and your username might have been taken.

3) A required password change will be incoming. We need to regenerate new salts (the random strings used to make a hash more unique) and that screws up the stored passwords.

More information soon. Thanks for your patience.

Big thanks to John for getting us back up fast.

Very impressed with this response and very impressed that passwords were not compromised. Thank you for not taking any chances with our information!

whoknows · Jan 18, 2016

Force password change means I'm going to lose the convenience of having my username and password be the same

Ferrari Racer · Jan 18, 2016

phantomphoenix said:
They were very philosophical asking questions like "Why are you here?" Makes you think, why are any of us here, really...?

To continue building my massive backlog of course

Hybrid5006 · Jan 18, 2016

CheapyD said:
We need to regenerate new salts (the random strings used to make a hash more unique) and that screws up the stored passwords.

You should add some pepper too. (seriously tho that adds another layer and pretty much eliminates rainbow tables - at least for now)

SteveGo · Jan 18, 2016

Hybrid5006 said:
You should add some pepper too. (seriously tho that adds another layer)

Of flavor?

redonkalous · Jan 18, 2016

Can we create new passwords now or we wait until CAG notifies us?

fatmanforlife99 · Jan 18, 2016

I think pepsiman did this.

whoknows · Jan 18, 2016

Is credit card information safe for those of us paying for CAG Premium?

Squarehard · Jan 18, 2016

fatmanforlife99 said:
I think pepsiman did this.

The guy couldn't even spell, so I'm pretty sure this is beyond his sophistication.

Tyler Durden · Jan 18, 2016

Wheelchair-bound loser thinks he's awesome. Should check out his Twitter. Dude isn't well.

And LOL @ NeoGAF, what a bunch of libtard nutjob turds linking this thread.

no658ea3 · Jan 18, 2016

Was the child molester caught?!

I'm glad that you guys got the site back up fast.

Squarehard · Jan 18, 2016

no658ea3 said:
Was the child molester caught?!

I'm glad that you guys got the site back up fast.

There was no molester.

That jackass just goes to random forums and takes them down and leaves that message all the time.

Complete and utter troll.

Sgt Barone · Jan 18, 2016

Glad to see the site back so quickly. Thanks John and Cheapy!

MRW2276 · Jan 18, 2016

Anyone else think hackers should have their balls cut off with a rusty butter knife?

Phil · Jan 18, 2016

keithp said:
I hope he was caught.

Do they ever find them?

Ferrari Racer · Jan 18, 2016

I saw on NeoGAF that the hacker was trying to get Keemstars attention. fuck

that.

no658ea3 · Jan 18, 2016

Squarehard said:
There was no molester.

That jackass just goes to random forums and takes them down and leaves that message all the time.

Complete and utter troll.

I know that

no658ea3 · Jan 18, 2016

Ferrari Racer said:
I saw on NeoGAF that the hacker was trying to get Keemstars attention. that.

He is, look at his Twitter. He has 2 tweets that are directed toward him.

Squarehard · Jan 18, 2016

no658ea3 said:
I know that

Only saw the question mark, didn't see the exclamation mark after for the sarcasm. :*(

MRW2276 · Jan 18, 2016

no658ea3 said:
Was the child molester caught?!

I'm glad that you guys got the site back up fast.

Sarcasm is lost by some

no658ea3 · Jan 18, 2016

Squarehard said:
Only saw the question mark, didn't see the exclamation mark after for the sarcasm. :*(

It's ok

eulogywerd21 · Jan 18, 2016

In actuality, during the blackout, I was molested.

But, I liked it. A lot. She's coming back over tomorrow.

CAG Defacing/Hacking News & Updates

Head Cheap Ass

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

Head Cheap Ass

CAGiversary!

Banned

CAG Newbie

CAGiversary!

CAGiversary!

Head Cheap Ass

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!

CAGiversary!