# Security and Data Breach Notification



## mesenteria (Oct 29, 2015)

Anyone else seeing this banner in blue caps? It says to 'click here'. I am at the very least highly skeptical, so.........


----------



## Ml-toys (Dec 19, 2013)

I am unsure too


----------



## Big Ed (Jun 16, 2009)

You guys read any threads?
hold on.


----------



## Big Ed (Jun 16, 2009)

http://www.modeltrainforum.com/showthread.php?t=91009


http://www.modeltrainforum.com/showthread.php?t=89586


http://www.modeltrainforum.com/showthread.php?t=89954


----------



## Ml-toys (Dec 19, 2013)

The first post says "is this legit"
Second two links are regarding the password change that i read when they were first posted.

The notice banner looks like a cheap ad for spyware software.


----------



## highvoltage (Apr 6, 2014)

Ml-toys said:


> The first post says "is this legit"
> Second two links are regarding the password change that i read when they were first posted.
> 
> The notice banner looks like a cheap ad for spyware software.


It's a notification of a recent hack that occurred. Apparently the stored passwords were compromised. Since the hash (encryption) of the stored passwords was not very strong, VerticalScope administration decided to change everyone's password and encouraged all to invoke a stronger password, including numbers, upper and lower case letters, and special symbols.

Now you might think that this is only a forum, why use a strong password? People are habitual, they will use the same password for multiple online accounts.

Once a password is hacked it can be used to gain entry to other web locations.


----------



## gunrunnerjohn (Nov 10, 2010)

It's real, but they could have done a better job making it look more real. Truthfully, it does look like an ad more than what it was supposed to be.


----------



## Gramps (Feb 28, 2016)

If you reset your password as was required by MTF then you should be OK to ignore the blue banner, am I right?


----------



## Ml-toys (Dec 19, 2013)

gunrunnerjohn said:


> It's real, but they could have done a better job making it look more real. Truthfully, it does look like an ad more than what it was supposed to be.


Agreed


----------



## gunrunnerjohn (Nov 10, 2010)

Gramps said:


> If you reset your password as was required by MTF then you should be OK to ignore the blue banner, am I right?


Correct, just ignore it.


----------



## highvoltage (Apr 6, 2014)

gunrunnerjohn said:


> It's real, but they could have done a better job making it look more real. Truthfully, it does look like an ad more than what it was supposed to be.


True, does look like spam. But then again I knew the backstory so was able to ignore it.


----------



## thedoc (Oct 15, 2015)

The problem is that they changed the password and sent the information to my E-mail address. I haven't been able to access my aol account for about a month, and did not have the changed password, so now I had to re-register with a different e-mail account so that I could get back on the forum. 

I had almost 800 posts, and now I'm starting over again at 1.


----------



## Big Ed (Jun 16, 2009)

BardoXV said:


> The problem is that they changed the password and sent the information to my E-mail address. I haven't been able to access my aol account for about a month, and did not have the changed password, so now I had to re-register with a different e-mail account so that I could get back on the forum.
> 
> I had almost 800 posts, and now I'm starting over again at 1.


What is your old name that you used?
Post it here, GRJ can help you get back your old name and post count.
He has done it for others.

Post it here he should see it when he comes back.


----------



## gunrunnerjohn (Nov 10, 2010)

BardoXV, I sent you a PM with instructions.


----------



## thedoc (Oct 15, 2015)

gunrunnerjohn said:


> BardoXV, I sent you a PM with instructions.


Thankyou, I got it. The old account was thedoc, but my computer is still messed up, so I'm getting on, on my wife's laptop, and I'm not very good with it. If we can merge the accounts OK, but I'm really not in a hurry, I just thought I'd explain my situation in case someone else had the same problem. Do as much as you can from your end, because there isn't much I can do from here, till I get my computer fixed.


----------



## teledoc (Oct 22, 2014)

BardoXV, Can you access your AOL account on the wife's computer, or you can't get into the AOL account at all?


----------



## gunrunnerjohn (Nov 10, 2010)

BardoXV, you've got mail, or rather a PM.


----------



## RonthePirate (Sep 9, 2015)

Will that Security and Data Breach Notification go away anytime soon?
It's not that bothersome, but now that we all know, it's not necessary.


----------



## highvoltage (Apr 6, 2014)

RonthePirate said:


> Will that Security and Data Breach Notification go away anytime soon?
> It's not that bothersome, but now that we all know, it's not necessary.


I suspect they'll keep it up for a period of time for those who don't regularly log in.


----------



## thedoc (Oct 15, 2015)

teledoc said:


> BardoXV, Can you access your AOL account on the wife's computer, or you can't get into the AOL account at all?


Yes, it seems that my problems with aol were my computer and I kept getting an error message, but on my wife's computer I have no problems, but I still couldn't find the e-mail about the new password.


----------



## gunrunnerjohn (Nov 10, 2010)

Click on *UserCP* and read your private messages, I posted an updated password there for you to access your old account. I didn't use your email for the vary reason you state.


----------



## thedoc (Oct 15, 2015)

gunrunnerjohn said:


> BardoXV, you've got mail, or rather a PM.


Got it, I'll take care of it soon, but there is really no need to merge the accounts because the only thing I have been posting as BardoXV is about the password problems, and I really don't need to keep them once the problem is taken care of.


----------



## gunrunnerjohn (Nov 10, 2010)

Works for me, when you get all established, I'll just remove the new account.


----------



## thedoc (Oct 15, 2015)

gunrunnerjohn said:


> Works for me, when you get all established, I'll just remove the new account.


Hello, I just changed my password, but the forum will not let me change the email address till the BardoXV account is gone, so go ahead and merge the acounts and then delete the BardoXV account.


----------



## gunrunnerjohn (Nov 10, 2010)

Done, the *BardoXV *account is gone. You can change the email in *thedoc* to your liking.


----------



## thedoc (Oct 15, 2015)

gunrunnerjohn said:


> Done, the *BardoXV *account is gone. You can change the email in *thedoc* to your liking.


Thankyou.


----------



## dinwitty (Oct 29, 2015)

unless verticalscope is related to this forum like hosting it I don't see why its needed. This forum could put up its own notice but the notice is placed where usually ads are put so suspicions become roused. This is where they can drop cookies on you without notice to track you.
So let us know if it is legit.


----------



## teledoc (Oct 22, 2014)

Dinwitty, It is 100% legitimate, and because you posted your question, you apparently changed your old password. It is perfectly safe, and has remained there so Infrequent Users will see the reason and action that was taken.


----------



## highvoltage (Apr 6, 2014)

dinwitty said:


> unless verticalscope is related to this forum like hosting it I don't see why its needed...


VerticalScope is the host of this website, hence the announcement.


----------

