FSElite Threatened with Hack
We have received a credible threat to FSElite suggesting we may be hacked by the same hacker who breached FSLabs’ website and forums last week.
You can read details on their hack here.
Early last week, an anonymous email was sent to our senior leadership team with ‘supposed’ details that were ‘stolen’ from FSLabs’ database.
To emphasis, the information was sent to us by a random email with no way to respond to authenticate the information. Had we been able to, we would have reported it to the authorities accordingly along with all relevant information, whilst protecting our user’s privacy.
As a result of not believing the data to be accurate, nor us being able to verify the data, we believed it to be something we shouldn’t report on.
The information held in the email was database table names.
However, we have now received a credible threat from this ‘hacker’ who has said that unless we report on what data was stolen, then FSElite would face the same fate. The reason we believe this threat to be credible is due to this comment posted on our website just a few hours ago:
“FSElite. Now you need to be truthful about knowing that more data was stolen that FSLABS is admitting too. Your recent article quoted them saying they think no more data was taken when you were given a sample of unedited data so know this to be deceitful. Regurgitating the statement without question is not the sign of a trustworthy publication.
Choosing not to publish private data is one thing. Not informing users you know more and they are being lied too while printing FS Labs quotes you know to false is bad sportsmanship. As is deleting comments with no personal info included .
You are going to be having problems of your own soon if you do not be truthful to your readers. If you think Cloudflare and changing some passwords will protect you, you understand security as much as FSL.
Do the right thing. It would be a shame to see another suffer due to making bad decisions.”
Only a handful of members of the FSElite team knew of the contents of this email, which is what leads us to believe the person posting this comment also knew of that information. We determine that it’s either the hacker themselves, or something with knowledge of the hack / email sent to us.
As a result, we’ve tightened up some of our security elements (more than just Cloudflare and a few passwords like the hacker suggests) and have a plan in place IF we do get breached. Furthermore, we’re primed to report it to any applicable authorities. We’ll be ensuring if anything were to happen, we would continue to remain GDPR compliant.
We’re taking this matter extremely seriously, and felt it was only right to report it to the community as soon as we had a better understanding of what was happening. I know it may seem anti-climatic if nothing happens, but as a team, we want to do what we feel is right.
We acknowledge that this is an extremely sensitive subject and have always worked with the communities interest in mind.
I want to be the first to apologise for this. Whilst elements of this are beyond our control, I feel a responsibility to ensure that everyone who visits the site feels safe browsing and knowing that their privacy is respected. We work hard daily to provide fair content in a constructive way. I do feel saddened that someone has malicious intent to try and destroy that trust. I won’t condone that kind of behaviour in any way shape, or form.
This may or may not trigger some kind of reaction from this supposed hacker, but we want to be crystal clear as soon as possible. As always, please direct any questions you may have to us either below or via email. If things do go wrong, please wait whilst we work to bring things back up to speed.