USPSA.org passwords leaked

P

poopgiggle

B Class Nobody
Joined
Mar 22, 2011
Messages
2,327
Location
Tulsa, OK
From the announcement here:

We made a decision “way back when” to store the passwords in plain text

so we could send a password reminder, upon member request, to the email

address on file for a member. This was [deemed] a reasonable decision

because the passwords did not protect any highly confidential data or

financial data (home addresses and phone numbers are not stored on the

server).

We made another decision “way back when” to do our credit card

processing on a separate system using a vendor that specializes in

commercially secure on-line commerce. Credit card numbers are NOT

stored on the USPSA server, and the passwords that were recently

disclosed do NOT give access to any credit card information.”
Click to expand...
In case you were curious, this is really, really dumb.
 
F

foghorn918

Consistently Inconsistent
Joined
Jan 16, 2011
Messages
2,762
Location
USA
I can't get my password reset, never get the email after the reset request even though the system message says it is sending. I've emailed them several times. Been trying for days. No response from anyone in the organization. :(
 
drmitchgibson

drmitchgibson

The white Morgan Freeman
Joined
Jan 13, 2011
Messages
3,938
Location
OKC
They're still working on it. I logged in with my PIN a few days ago and it worked, but I probably won't do it again until they give the "all clear". I'm not that close to A class yet, and outside of classifier scores and major match results there's nothing I'm interested in on USPSA.org.
 
Vanniek71

Vanniek71

Active Fanatic
Joined
Dec 3, 2014
Messages
32
Location
Westminster, CO
I was able to reset mine tonight. Check spam folder it was in there, even though all other USPSA emails never go to spam...
 
drmitchgibson

drmitchgibson

The white Morgan Freeman
Joined
Jan 13, 2011
Messages
3,938
Location
OKC
The only effect I experienced from this issue is someone tried to access my Linked-In account, and failed.
 
ryanncass

ryanncass

Well-Known Fanatic
Joined
Sep 17, 2010
Messages
1,728
Location
Claremore
Mitch Gibson said:
The only effect I experienced from this issue is someone tried to access my Linked-In account, and failed.
Click to expand...
Someone tried my LinkedIn as well but it was a different password so they did not get to far. USPSA was the only place i used that password.
 
P

poopgiggle

B Class Nobody
Joined
Mar 22, 2011
Messages
2,327
Location
Tulsa, OK
I hope I'm never grown up enough that I actually care if my LinkedIn is compromised.

It's bad enough that I have one.
 
T

Tech

Well-Known Fanatic
Joined
Apr 3, 2014
Messages
579
Location
Grand Island, NE
Just had eBay call me at 00:23. Yep, account hacked. These hacker ****s should be hung by their nads till dead!
 
You must log in or register to reply here.

Latest posts

Random media

IMG_0525.JPG
Ready-to-rock-roll.jpg
B8E47547-7030-4FF4-9FD9-A17074CAF6C3.jpeg
snakeskin 2.jpg
pound.gif
B43986AF-F976-4138-9515-1E0F8EFFFB74.jpeg
ACB9863B-CB0B-4454-9019-E1D2320FD5A3.jpeg
Top