You and I both know what's happening here, and it's not that. :(

Hey bud, welcome to 2013... this is not the 1980's so continuing to spread rumors when you're not up to par on the situation and apparently do not know the full details or extent of said situation is simply not the right thing to do in my opinion... why do I say that?

^ Case in point... I don't know the full extent of the situation and if I don't then neither do you so it does not matter if other information does not agree with "yours". Paul would know more then either of us - assumptions and justifications to what you see are fine but continuing to post them as rumors is not because at the time of your initial posts the most info we all had on this was that released by the so-called "hackers" and does everyone take what they say at face value? Pffffft I hope not so neither should you have see my point? :p

Apparently because Paul already stated they hacked a QA server... so yes ladies and gents if it was an old copy of vb.com database on that QA server and your passwords had not changed then common sense tells us that you need to change your passwords, do that regardless of what you read.

DO NOT USE THE SAME PASSWORD FOR EVERY SITE! Buy a cheap black ledger book from an office supply store/wal-mart etc and write down the passwords for each site, keep in your desk drawer for easy reference. You can also have your broswer remember passwords, I do the ledger book because if the right virus hits your pc then all that info is known as well.

You don't know neither does DJ :p.

I actually do this to an extent.

I use the same password for all sites I'm a member of (e.g., YouTube), However, on sites where I'm a staff member, such as KH-Flare, I use a different password, which is currently the only site I have a different password on. The other sites I'm staff on aren't big / don't have a lot on them at the moment, so I use the same password as places I'm of a member of, but it's a secure password. Then there are also sites that you're staff on, but you're only a sectional moderator that, of course, doesn't have access to the admin or moderator control, so it doesn't really matter.

I actually look at the security more than the uniqueness when it comes to passwords

What hasn't been disclosed and concerns me is whether the hackers had access to customer records and financial information, and the support system which must contain a large amount of fairly sensitive customer information...

Not really sure what financial information you mean.

All the log files that were examined do not show any attemped access of customer data in the support system, they basically targeted the vb user table.

Welcome to I was right.

Had you followed all the resources out there about it you'd have seen there was than just screen shots. But you and others were too busy looking to defend VB rather than following and reading everything at the resources, such as the long thread over at Mac Rumors where there was plenty of info.

The right thing was not IB employees initially taking the Baghdad Bob role.

Just to keep this clear...

No one has yet said vbulletin DOT COM wasn't possibly hacked. The meter was this site, vbulletin DOT ORG.

From the link in post #3, there is NO claim of vb dot org being part of this "hack." And many here have expressed their doubts a exploit for version 4 would also automatically mean this site which uses version 3 was also "hacked."

As far as I can tell, only the author of the first post is claiming it's also vB dot org which was "hacked."

There isn't one shred of proof of that and it's not even a claim the illiterate script kiddies with their dummied up screenshot and their "patch for sale" are even making.

Just got this e mail:

So... can someone explain how exactly they hacked vb.com. Can we have some more detailed answers?