Cyber attacks are one of the unfortunate realities of running a website in this age. Given our recent growth, Anime Planet has attracted increasing attention from cyber attackers, including hacking attempts, DDOS attacks, and exploit attacks. We have recently taken large steps to stop hacking attempts and DDOS attacks to improve the site’s performance. Unfortunately, a few days ago Anime-Planet's development team discovered an exploit in our forum software.
Our investigation indicates that the attacker had potential access to Anime Planet's forum database that includes forum usernames, forum emails, public forum profile info, and encrypted passwords. Currently, our investigation shows no access to our database containing your main accounts. Anime Planet stores passwords on all databases, in a way, so that they cannot be decrypted. Therefore there is no threat to a malicious party having your Anime-Planet site passwords, but please monitor your email for any spam or phishing attempts. We deeply regret that this incident occurred and are working diligently to address the incident and make sure it doesn’t occur again. As of such we are taking the following immediate steps:
- Upon discovering the exploit, we took the full site offline to remove any malicious code, and relaunched after we were confident the main site wasn't affected.
- This message was posted at the forum URL for the 4 days it was offline; now, this site announcement has taken its place.
- We took the forum software fully offline. As many are aware, we've been working on migrating our forum to a more secure, better product. We expedited that launch and got a version of the new forum migrated and up within 4 days.
- The new forums require you to change your password by using the 'forgot password' form. We apologize for this inconvenience, but it should be a minor step to ensure your accounts are safe.
- We are reviewing the security on our servers to tighten any other possible issues.
Based on our findings to date, we are not aware of any specific increased or continued risk to you as a result of this incident. We are continuing to review the information available to us and if more information becomes available, we will share it with you. We value your trust, and will work aggressively to prevent these types of events from occurring in the future. Again, we deeply regret any inconvenience this may cause you.
Our investigation indicates that the attacker had potential access to Anime Planet's forum database that includes forum usernames, forum emails, public forum profile info, and encrypted passwords. Currently, our investigation shows no access to our database containing your main accounts. Anime Planet stores passwords on all databases, in a way, so that they cannot be decrypted. Therefore there is no threat to a malicious party having your Anime-Planet site passwords, but please monitor your email for any spam or phishing attempts. We deeply regret that this incident occurred and are working diligently to address the incident and make sure it doesn’t occur again. As of such we are taking the following immediate steps:
- Upon discovering the exploit, we took the full site offline to remove any malicious code, and relaunched after we were confident the main site wasn't affected.
- This message was posted at the forum URL for the 4 days it was offline; now, this site announcement has taken its place.
- We took the forum software fully offline. As many are aware, we've been working on migrating our forum to a more secure, better product. We expedited that launch and got a version of the new forum migrated and up within 4 days.
- The new forums require you to change your password by using the 'forgot password' form. We apologize for this inconvenience, but it should be a minor step to ensure your accounts are safe.
- We are reviewing the security on our servers to tighten any other possible issues.
Based on our findings to date, we are not aware of any specific increased or continued risk to you as a result of this incident. We are continuing to review the information available to us and if more information becomes available, we will share it with you. We value your trust, and will work aggressively to prevent these types of events from occurring in the future. Again, we deeply regret any inconvenience this may cause you.
