Hello everyone,
Something has recently come to our attention that we feel you need to be aware of. Many of you may remember OpenVMK, the remake of VMK that came before MyVMK. It closed down (around September 2013) due to some things that happened. A brief summary is I was the one who was developing the code for OpenVMK, and one day the other people involved in the project decided they didn't want me around anymore, and one of the people involved used their position with the host we were using for it to take the game from me, including the database for the game which contained all user data. Unfortunately there was no way I could have prevented this (as at the time I was working with these people, they had equal control with me and overruled me on using a different host... now it's clear why they were so insistent), and the game shut down shortly after due to outrage.
Fast forward to today, when we discovered someone outside has a copy of the database from OpenVMK. Back then for reasons not in my control, the passwords were stored insecurely. They weren't stored as plaintext, but they were stored hashed. The thing is, just hashing a password isn't good enough these days. If you want to know more about this, there's a video briefly explaining what I'm talking about below (I definitely think you should watch it!).
This does not affect MyVMK in any way, your passwords in MyVMK are stored completely securely. However, if you registered for OpenVMK, this person may now have access to your password from it. MyVMK is completely separate to OpenVMK, however due to my involvement with OpenVMK I was able to 100% confirm it as the source of the problem. If you have a super secure password, it's unlikely he will be able to access it, HOWEVER if you had an insecure password back then and still use it on anything today we recommend you change it everywhere that you used that password.
A little tid-bit on password security, it's generally a good idea to use a different password on everything. Any website you register for can potentially access your password, the creators of the website could do it or someone who has gotten into their system could too. This is why everyone says to use a different password on everything, because that way if one website goes rogue, the rest of your accounts are safe. A good password is also generally a longer one, a computer will have a much harder time cracking a password such as amazonplatelemonadeladysparkle0 than 9382849.
Source: https://xkcd.com/936/
An important thing to remember, if you did not register for OpenVMK (which is NOT MyVMK!), or did not reuse the password you used on OpenVMK, this does not affect you in any way. If however you did use OpenVMK, and you do still use the password you used on OpenVMK, then we recommend you change your password on any accounts that use that password immediately, ESPECIALLY if you used it on an email account. If you don't know what OpenVMK was, you're safe.
This is how Littlebelle's accounts was accessed, but we only just discovered it. Again, whilst MyVMK is separate to OpenVMK, we felt we needed to alert you all to this as many of our users were on OpenVMK before MyVMK opened.
Stay safe out there!
Something has recently come to our attention that we feel you need to be aware of. Many of you may remember OpenVMK, the remake of VMK that came before MyVMK. It closed down (around September 2013) due to some things that happened. A brief summary is I was the one who was developing the code for OpenVMK, and one day the other people involved in the project decided they didn't want me around anymore, and one of the people involved used their position with the host we were using for it to take the game from me, including the database for the game which contained all user data. Unfortunately there was no way I could have prevented this (as at the time I was working with these people, they had equal control with me and overruled me on using a different host... now it's clear why they were so insistent), and the game shut down shortly after due to outrage.
Fast forward to today, when we discovered someone outside has a copy of the database from OpenVMK. Back then for reasons not in my control, the passwords were stored insecurely. They weren't stored as plaintext, but they were stored hashed. The thing is, just hashing a password isn't good enough these days. If you want to know more about this, there's a video briefly explaining what I'm talking about below (I definitely think you should watch it!).
This does not affect MyVMK in any way, your passwords in MyVMK are stored completely securely. However, if you registered for OpenVMK, this person may now have access to your password from it. MyVMK is completely separate to OpenVMK, however due to my involvement with OpenVMK I was able to 100% confirm it as the source of the problem. If you have a super secure password, it's unlikely he will be able to access it, HOWEVER if you had an insecure password back then and still use it on anything today we recommend you change it everywhere that you used that password.
A little tid-bit on password security, it's generally a good idea to use a different password on everything. Any website you register for can potentially access your password, the creators of the website could do it or someone who has gotten into their system could too. This is why everyone says to use a different password on everything, because that way if one website goes rogue, the rest of your accounts are safe. A good password is also generally a longer one, a computer will have a much harder time cracking a password such as amazonplatelemonadeladysparkle0 than 9382849.
Source: https://xkcd.com/936/
An important thing to remember, if you did not register for OpenVMK (which is NOT MyVMK!), or did not reuse the password you used on OpenVMK, this does not affect you in any way. If however you did use OpenVMK, and you do still use the password you used on OpenVMK, then we recommend you change your password on any accounts that use that password immediately, ESPECIALLY if you used it on an email account. If you don't know what OpenVMK was, you're safe.
This is how Littlebelle's accounts was accessed, but we only just discovered it. Again, whilst MyVMK is separate to OpenVMK, we felt we needed to alert you all to this as many of our users were on OpenVMK before MyVMK opened.
Stay safe out there!