HACKERS GRAB DELUGE AND QBITTORRENT USER DATABASES

I actually really like qBittorrent and it is sad to see that someone actually compromises the database for the forums there.

Does anybody know what forum software they used as the forums are currently offline?

Thx for this info.

forums usually carry minimal user info.. what's the fuss?

If they carry a username, an eMail and a password, that might be enough to get at least those users in trouble, that use the same username and password for multiple sites. Before password managers became available, I used a password-scheme of several passwords for several security levels, a complicated password for all the very important sites, a less complicated password for the sites of medium importance and so on. There are enough users, that use one password for everything, just imagine what someone could cause, if he gets i. e. data for an amazon account btw.. They store credit-card data and everything.

Using the password-manager of a browser also is mostly not safe, as in most cases, they get stored without encryption in plain text. It's not long ago since I didn't know about that and wasn't aware of password-managers like Lastpass.

well, it's a challenge for the hackers too.. gotta try and apply into to all those famous services, check this and that.. well... i guess there is a level of discomfort...

What makes me a little mad, is, that the people from the qBittorrent-forum didn't send me an eMail about the forum having been compromised. Imo, a mass-notice to everybody that's affected by something like this is the 1st that a hacked-site's owner should do. It would also be so easy. If it weren't for munkyn, chances of me noticing this would have been very small, as I don't visit those forums too often. I took the chance and changed almost all passwords on all sites. Thankfully, this is a lot easier with Lastpass than it'd be normally. Lastpass also wasn't compromised in all of it's time, but when they thought they were, they notified their users instantly. I can only recommend using that software (or any similar software of your choice) heavily, it's even free. And when you choose your master-password, make it a good one, so not iloveyou or 1234 ^^ . You can generate an easy to remember almost not crackable password by using something that you cannot forget but that only few people know, i. e. your own size and gender, and then apply an "optical scheme" and syntax to it, like "%6F.&1I.+Male%" . For you, that password reads "%6 Foot and 1 Inch and male%" but for a hacker it's 16 digits that fulfill a maximum criteria of safety (special signs + numbers + upper and lower case) .

Slightly off-topic, but I think giving information like that actually cannot be wrong.

I think this would only apply to people who use the same username/password/email over multiple logins, which unfortunately people do