Possible Nexus security breach

[Nebulous112]

Please see this post: https://forums.nexusmods.com/index.php?/topic/3508890-potential-database-breach/

 

Might be a good time to change your password, folks.

[Darth_mathias]

thanks for the head up changing now

[EssArrBee]

Sounds like they need a new security company. Didn't want to admit anything, really vague emails, don't work weekends. 

[GrantSP]

Doesn't instil confidence when the CEO is informed "fourth hand" about the matter. Security firm -- university -- user (via post on Reddit) -- Nexus

[WilliamImm]

Irgh. Time to look into another security form for this site. I've already changed my password on the Nexus, don't want this to happen to the high profile mods I have access to.

[paradoxbound]

Use a password manager for this stuff, Every site I am signed up to has a different ideally 24 character random password including upper/lower case, numeric and symbols. I use multifactor authentication if it is available especially for sensitive services like Facebook, Google and use physical keys for some services such as Github and Dockerhub including Yubli and an assortment of client supplied dongles. I have changed my Nexus password already. I am glad to hear that Nexus were using good practice and using salted hashes when storing passwords.

[Omolong]

Just to let everyone know, there was a post earlier that explained what they've found out about the whole event.