TwoPlusTwo’s user database at forumserver.twoplustwo.com was recently compromised, according to an email from TwoPlusTwo management sent to users Jan. 9. The hack was discovered Jan. 8.
Registered users who created their accounts prior to Nov. 20 should now assume that their password information was accessed online and that other information, like username, email, encrypted password, birthdate and IP address may also have been obtained.
Management wrote that as of Nov. 20, TwoPlusTwo fixed a problem on the site and thus “cannot find any evidence that accounts created after approximately November 20 have been compromised.”
The party “selling” the database claims a Dec. 7 date, but management wrote that they believe this to be wrong.
TwoPlusTwo recommends changing any password that has not been changed in the last 45 days; otherwise, users will be prompted to do so the next time they log in. Accounts that have not been accessed recently or have been inactive will have their passwords reset, and their owners will need to follow the forgotten password link to set a new one.
A user suggested the following list, which TwoPlusTwo agreed with and included in its email:
- Change your Password on 2+2.
- Change ALL other passwords that are the same or similar.
- Start using unique passwords for every site; these breaches are so common. I'd recommend a password manager like LastPass.
- Enable 2 factor authentication on any vital accounts/emails.
- Take extra precautions to verify identity when trading via 2+2 (or any other site) via separate means.
This is not the first time TwoPlusTwo has had its forums hacked. Back in April of 2012, the company was a victim of a security breach that compromised users’ personal information and shut down the site.
Here is the text of a statement posted on the website after the forums went offline to deal with the issue.
On April 26th at approximately 11:20 AM pacific time, the Two Plus Two Forums were closed as a result of a hacker who has displayed the ability to access e-mail addresses and encrypted passwords. He also indicated the ability to decrypt passwords.
While it is unclear the extent of data to which he gained access, email addresses and passwords on the Two Plus Two forums should be considered compromised. If you have used your 2+2 password on any other site, you are advised to change it.
For your security we are closing the forums until the breach is patched.
We hope to be back up as soon as possible.
Former TwoPlusTwo moderator Noah Stephens-Davidowitz suggested at the time that users change their passwords on all sites that have the same password.
Lead image courtesy of Pixabay