Unity site hacked?

Too much "S*** happens" not enough "we're sorry we messed up" I think. And the answers are generally evasive and vague.

 

(from the FAQ on the blog)

What is that supposed to mean? Are there sites where I can enter my username and password combinations and they check it against all their known database dumps? If so, to me that sounds like a crazy risky thing to use, because those sites could either be compromised or phishing sites in the first place.

 

yes, there are actually ( without entering password, of course ) - e.g. https://haveibeenpwned.com/

 

Great... all my mail adresses have been in breaches except for the one I meant to be the throwaway gmx address.The Unity breach was not listed, but an Unreal breach was, that I don't remember hearing about. Also I didn't know I have an account on their forum but seems like I do.
Thanks for the link.

 

Its probably good that we now know this has occurred. Many hacks go on undetected for months or the company gets held for ransom and never tells anyone.

Funny, I saw the 2FA and immediately enabled it but I had no idea this had occurred til now. I just checked my inbox but aside from a strange new Unity newsletter subscription, I have nothing from "outmine" at Unity as the Unity post suggests.

 

We only know because they defaced the forums though

 

I'm not entirely sure that this has anything to do with it but anyway...

After being prompted to change my password by Unity, I changed it (duh) to the same password as my email. Then early yesterday I have a successful sign-in to my account from an unrecognised device. Also, when I went to log in to facebook, I had to sign manually, whereas I'm usually automatically signed in. Passwords seemed to be unchanged, so I went ahead and changed them without a problem.

Anyway, I don't know if this was a result of the hack, or something else, but it would be a hell of a coincidence. So maybe the site is still dirty.

 

D'oh!

 

I believe it means accounts have been checked against known hash lists from other known compromises, not specifically this incident. You can check yourself via a site like haveibeenpwned.com.

 

Thank you, that makes sense. (maybe it should be clarified in the blog post itself? it's very confusing the way it is phrased right now)