Site Comments & Suggestions

RedFlagDeals has been hacked. Database dump.

  • Last Updated:
  • Apr 17th, 2017 12:27 pm
[OP]
Member
Sep 1, 2011
228 posts
111 upvotes
Toronto

RedFlagDeals has been hacked. Database dump.

Admin edit: If anyone requires assistance with their account (password or email) send an email to support@redflagdeals.com. This includes issues where you don't remember or don't have access to your accounts email address.

Hello all, I searched and haven't seen any notice of this in news or in the forums (though it's possible I missed it, as I just found out) but it seems that RedFlagDeals has been hacked. The database is available in at least one location. I was able to verify my own user details, but I believe the password listed dates back about a year. In any event, the information is legit. Everyone should change their passwords and hopefully a system wide alert forcing password changes?

ETA: the password the hack lists for me is fairly old, I think -- is this old news, and am I just late to the party?

ETA2: the password/hack dates from 2013.
Last edited by TomRFD on Jan 9th, 2017 10:04 am, edited 2 times in total.
Reason: added note
453 replies
Administrator
User avatar
Jun 17, 2013
8364 posts
12707 upvotes
Scarborough
Here is the official response from RedFlagDeals:
***Important security info for RFD users***

There was an undetected breach of the RedFlagDeals.com user database in 2013. The contents of this breach were posted online on Monday, January 9th 2017. No personal information was obtained in this breach, only RFD usernames and encrypted passwords.

As a matter of best practice, we regularly conduct security testing of our sites to minimize the chance of this type of leak reoccurring. As a precautionary measure, we have logged all affected users out of the RedFlagDeals system and are implementing a mandatory password reset. We encourage affected users to take the time to reset their password, when prompted, by clicking ‘Forgot your password?’ and following the subsequent steps. It is also important to change your password on any sites where the same password may have been used.

We apologize for any inconvenience this may cause you.

RedFlagDeals.com
Response to Data Breach Discovered on January 9, 2017
Last edited by TomRFD on Jan 9th, 2017 10:23 am, edited 1 time in total.
Reason: added link to FAQ
RFD Staff [Forum Rules] [Facebook] [Twitter].
[OP]
Member
Sep 1, 2011
228 posts
111 upvotes
Toronto
audit13 wrote:
Jan 9th, 2017 10:18 am
Where did you find the information?
I'm hesitant to put the site out there publically, to be quite honest -- not in a publically searchable thread. I'd rather not be drawing traffic to it, nor advertising where members can find other members personal details, ya know?

That being said, there are a few repositories of hacked databases out there, and it wouldn't be hard to find for someone who was inclined. I saw it by accident, as I was looking at an article talking about haveibeenpwned vs. sites that charge and are of dubious legality. Then I say RedFlagDeals listed, checked it out and thought, well... damn.
[OP]
Member
Sep 1, 2011
228 posts
111 upvotes
Toronto
TomRFD wrote:
Jan 9th, 2017 10:23 am
This is the first I've heard of this. We take account security very seriously here so I have forwarded this over to our IT and security teams for investigation. I will post an update as soon as one becomes available.
Thanks Tom -- feel free to contact me for the details of where I found it. I know since I posted I might get asked where it is, but for entirely obvious reasons I'm not going to post that publically.
Deal Guru
User avatar
Feb 24, 2003
12119 posts
975 upvotes
Toronto
thearcade wrote:
Jan 9th, 2017 10:25 am
I'm hesitant to put the site out there publically, to be quite honest -- not in a publically searchable thread. I'd rather not be drawing traffic to it, nor advertising where members can find other members personal details, ya know?

That being said, there are a few repositories of hacked databases out there, and it wouldn't be hard to find for someone who was inclined. I saw it by accident, as I was looking at an article talking about haveibeenpwned vs. sites that charge and are of dubious legality. Then I say RedFlagDeals listed, checked it out and thought, well... damn.
I understand. I wonder if a mod is able comment on this.

Password changed. Thanks.
[OP]
Member
Sep 1, 2011
228 posts
111 upvotes
Toronto
audit13 wrote:
Jan 9th, 2017 10:41 am
I understand. I wonder if a mod is able comment on this.

Password changed. Thanks.

I've been in contact with Tom (admin) and dumped what I know (admittedly not a lot, just that it's out there). This appears to be the new normal in 2017, I suppose.

In any event, everyone should absolutely change their password, asap - it appear that not all the accounts have a password associated with it, but mine sure did and was accurate at the time (but had since been changed because I cleared Chrome caches and data and couldn't remember it, lol).
Deal Guru
Dec 26, 2010
14084 posts
3102 upvotes
Changed PW the last time there were login problems about 2 years ago. Why they would need my account, I have no idea. If it's for banking info, etc. that's a no-go as I keep those numbers and phrases in my head. Thanks for the heads up though...
Member
User avatar
Sep 26, 2010
422 posts
130 upvotes
Toronto
@thearcade thanks for bringing this to our attention.

The database you linked to us is from 2013, before our new authentication system and the switch away from vBulletin. There were definitely a few times where people found cracks in vB.

I'm going to attempt to find all users whose passwords appear to be the same since 2013 and mass-email them.
[OP]
Member
Sep 1, 2011
228 posts
111 upvotes
Toronto
DougO wrote:
Jan 9th, 2017 10:55 am
Changed PW the last time there were login problems about 2 years ago. Why they would need my account, I have no idea. If it's for banking info, etc. that's a no-go as I keep those numbers and phrases in my head. Thanks for the heads up though...
For the most part, I think these things get hacked because they can be. "Why did you climb the mountain?" "Because it was there". Sport. Demonstrations of ability.

Though, it should be noted, the databases can additionally be sold as aggregate active email databases to spammers. If I'm not mistaken, the recent Yahoo hack was sold three times -- once to an unknown entity that seemed to have a particular interest in political email addresses (so almost certainly foreign intelligence related) and the other two sales to known spam conglomerates.
[OP]
Member
Sep 1, 2011
228 posts
111 upvotes
Toronto
tylerversion2 wrote:
Jan 9th, 2017 11:00 am
@thearcade thanks for bringing this to our attention.

The database you linked to us is from 2013, before our new authentication system and the switch away from vBulletin. There were definitely a few times where people found cracks in vB.

I'm going to attempt to find all users whose passwords appear to be the same since 2013 and mass-email them.
Sorry to ruin everyone's Monday, ha ha :)
Deal Addict
User avatar
Sep 10, 2005
3076 posts
468 upvotes
GTA
Good to have unique passwords for all your accounts when possible
Deal Expert
User avatar
Mar 18, 2005
16554 posts
996 upvotes
Niagara Falls
tylerversion2 wrote:
Jan 9th, 2017 11:00 am
@thearcade thanks for bringing this to our attention.

The database you linked to us is from 2013, before our new authentication system and the switch away from vBulletin. There were definitely a few times where people found cracks in vB.

I'm going to attempt to find all users whose passwords appear to be the same since 2013 and mass-email them.
Bahh, time to update my password. I don't think I've changed it since I originally signed up....

That being said, this is the only site I use this pw on.

Top