284.30 // Security Breach


Post by The Jedi Council »

Greetings, JEDI members and community.

For the past week, the JEDI Council has been investigating a serious breach in forum security. Today, that investigation has come to its conclusion.

We were first made aware of a breach in security when former member Gabe (Alkorda) posted saved copies of private Council discussions from the Jedi Council forums on his website, as supposed “proof” that we weren't taking his suggestion seriously. These pages painted an incomplete and incorrect picture, but we didn't feel it was necessary to address it and its out-of-context nature due to greater concerns. Chief among these concerns: How did this security breach occur?

From the beginning, one thing was obvious. Gabe Alkorda had gained access to restricted material – dating even before his resignation – through the use of Phoe Nhix's Comport account. His account name was clearly seen in the upper-right section of the page. To clarify, Gabe's unauthorized use of Phoe's account gained him access to restricted material because of an internal Council policy; retired High Councilors retain their old levels of access once they are moved into the Lost Ones, out of respect for their service and contribution. From time to time, the retired Councilors of the past will send a message to the Jedi Council account, giving insight on one matter or another, adding a greater level of wisdom and experience to the Council. This forum access is removed if the retired councilor rejoins JEDI, due to potential conflicts of interest.

There were a few ways that this breach in security could have happened, but additional investigation was required to determine precisely which method was used to gain access to Phoe's Comport account. Tracking these steps proved to be difficult, but today we uncovered new information leading to a final conclusion.

Today, we were alerted to a troubling fact: additional content from the Attrition Wars forum had been deleted. Instinctively, we checked the forum logs for accesses from Phoe's Comport account. Sure enough, the password had been changed again. However, Phoe is currently on his ship, out in the open sea with only sparse text-only Internet access. After additional investigation, we found the account had been accessed from Gabe Benson's IP address. Having already changed his password once, we were led down the path that brought us to the truth. Somehow, Gabe Alkorda had gained access to Phoe's Hotmail password, and was therefore able to reset his password for the Comport at will. It is unknown for how long he has known Phoe's Hotmail password, nor is it known how he obtained it.

Note: we are currently investigating to confirm that these two incidents are connected. (The resetting again of Phoe's Comport password, and the deletion of new Attrition Wars content shortly afterward.)

Update: We have confirmation that the second deletion of Attrition Wars content was a mistake, and is unrelated to the security breach. Only the first round of total deletion of Attrition Wars content was perpetrated by the three defectors.

The JEDI Council has taken the following steps to put an end to this continued unauthorized access.
  • Phoe's Comport and Hotmail passwords have been changed – Soh Raun was given Phoe's password to do this.
  • The permissions have been removed from Phoe's Comport account until he returns to shore.
  • Phoe has been informed of these changes via SMS and Email.
Because of the unsavory nature of these actions, and our incomplete knowledge of precisely what information Gabe Alkorda was able to access, The JEDI Council strongly urges that the community members take the time to change their own passwords for safety – especially if you believe that Gabe Alkorda at some point has had the password to any of your accounts. If you have any questions regarding this incident, do not hesitate to contact The Jedi Council via PM.

- The JEDI Council.

The Jedi Council of Duneeden
