Dear The Source users,

as has only recently come to my attention, The Source's user database was compromised and in part downloaded (usernames and password hashes) more than a year ago. The vulnerability that was used to gain system-level access to dump parts of the database is currently unknown, but I've taken precautions at a lower level that it is much less likely for someone to successfully abuse it again. As with all complicated things in life, success is not guaranteed.

Zilla's account was broken into most recently as far as I know, and I've since disabled/banned his account. He will be reinstated after I've sorted out this mess and managed to get ahold of him to talk over our next steps.

In the meantime, I've invalidated all current sessions, and beseech you to rotate your The Source account passwords at your earliest convenience.

Thanks very much, and sorry for the terrible inconvenience.

colo



PS: If you have any questions concerning this incident, please reach out to me by email at c0l0 at gmx dot at.