Posted 2019-08-28 at 10:06
At approximately 6:30 am on the 27th of August UTC our website was attacked by hackers, there was a failed Ddos attack (Our server handled this well) but the attacker has managed to deploy a script to change all users passwords.
There was no breach of users data as the Ddos attack didnt work on our site, so all your passwords are safe, all account information is also safe. We have isolated the issue and our team are now working on securing the site and revering the database to how it was before the attack. All account balances and recent activity will remain we are only fixing the hacked tables.
The login page will be out of action, so no users can try to login or use their accounts until we fix the issue.
You will be able to login around 5 Hours from now (16:00 UTC)
I repeat, no users data was lost to attackers in this hack, we have isolated the issue and are taking steps to revert the damage ad resume normal service. sorry for the delay.
All those members who opened tickets about account access will be deleted as this will be resolved soon.
Thank you for your trust and cooperation at this time.
Our team are working hard to minimise any disruption.
All issues have now been fixed.
We can confirm all data is safe and no breach has occurred, but just as a safety precaution you should all change your passwords once logged in.
If you have any issues please contact support.
Also please check your pending withdrawals, we want to be sure it I'd your account we are sending to. This is important so we will be delaying all payments until Monday 2nd September so you have time to check. If you do not check it is your fault.
Thank you for your support and trust
Posted 2019-09-01 at 20:25
Adzbux Privacy Notice:
Adzbux act as a 3rd party between advertisers and customers. We hold just 4 pieces of personal information on each and every member these are: Full Name, Email, Payment processor send addresses and Password. Our passwords are stored in an encrypted form, these will not be readable to anyone if stolen. Names and emails are stored in plain form on our secure server. We do not hold any payment information like Card information or have any access to any ones payment accounts.
Since the recent attempt to hack our database we have enforced the following actions:
We now store Names, Emails and Payment accounts in encrypted form, You can see them from your account but if the database was breached the hackers would have no valuable information.
Here is a statement about our server security:
Our servers are monitored by a team of engineers who maintain the stability and load distribution of our servers allowing you to have a seamless browsing experience most of the time no matter how much traffic we are distributing. With this team of engineers we also have specialists in security and server management. During the recent attempt on our systems our server engineers locked down our database, mitigated a Ddos attack and froze the offending files that were used to change information in our database, from this point on no information could enter or leave our servers. During a breach of any kind the servers would most likely lock down and stop any breach of information. If by any chance this fails and the attackers do download our database all your information is encrypted and of no use to the hackers.
We believe with this update and our team working to keep the website working we have one of the safest websites on the internet today.
We asked everyone to check their payment accounts and to change their passwords just as a precaution, as safe internet users you also know to use a different password for every website you use. We cannot stop direct hacks on individual accounts, our security can loack down accounts, but not always, your account security is your responsibility.
We also have extra information for general browsing and payments on our website:
Although most of our site is run through a https:// Secure connection some pages still need to run through a http:// insecure connection, to be viewed (Mostly our advertising pages) Please take note that any page where you enter passwords, debit/credit card information or any other sensitive information will always have a https:// Secure Connection meaning any information you pass through the pages will be secure.
VPN's are not as secure as you may think and are not allowed to be used on Adzbux, we make the service secure for you, we also need you to reveal your correct location for fraud prevention. Any Proxy or VPN usage on our website will result in termination of your account.
Please read and share this information to help others change their security habits and help other websites keep their members safe.
We thank you for your continued support and trust in Adzbux.