TwoPlusTwo User Database Hacked

The TwoPlusTwo management sent an email to it`s users on Jan 9, informing them of a security breach of its user database at http://forumserver.twoplustwo.com. The hack was detected on Jan 8 according to the email and advised members to change their passwords and take extra precautions when trading or staking players on the forum.

The email sent to members is as follows:

“Dear member of the Two Plus Two Forums:

On January 8 we learned that the user database at http://forumserver.twoplustwo.com had been compromised. We cannot find any evidence that accounts created after approximately November 20 have been compromised (we fixed a problem that day) but as a registered users you should assume that if you’ve been a member of the forums since before that date that the information necessary to determine your (unchanged) password is out there. Information obtained includes username, email, encrypted password, birthdate, and IP address.

The people “selling” the database claim a December 7 date, but we believe this to be wrong.

We are asking all users to reset their password if it hasn’t changed in the last 45 days. You will be prompted to do so the next time you login to the forums. In addition we will shortly be invalidating the passwords of accounts that have not been active for some time. The users of those accounts will need to follow the forgotten password link to reset their password.

A user suggested that the following actions are incredibly important, and we agree:

1) Change your Password on 2+2

2) Change ALL other passwords that are the same or similair

3) Start using unique passwords for every site, these breaches are so common. I’d recommend a password manager like lastpass

4) enable 2 factor authentication on any vital accounts/emails

5) Take extra precautions to verify identity when trading via 2+2 (or any other site) via separate means

Regards,

The Two Plus Two Management”

The hacking rumors started when professional poker player Max Silver tweeted that he had been asked to change his TwoPlusTwo password due to a data breach. The administrators then placed a pop up onto the site prompting members to change their passwords.

However, the rumors unnerved the users so much that many felt the pop up itself may be a trap. Eventually site administrators Mat Sklansky and Chuck Weinstock went online to confirm the data breach and verified that the message prompting members to change their passwords was genuine.

Registered users who particularly created their accounts prior to November 20 are thought to be targets of this hacking. The email from the site administrators warned them to assume that their password information was accessed online and that other information, like username, email, encrypted password, birthdate and IP address may also be compromised.

It is estimated that more than 400,000 members, who subscribe to the TwoPlusTwo forum, stand the danger of their username, password and email address being extracted, along with any personal data included in members’ profiles.

TwoPlusTwo further recommended changing any passwords that have not been changed in the last 45 days. Accounts that have not been accessed recently or have been inactive will have their passwords reset and need to follow the forgotten password link to reset it.

The first and foremost thing members should do is to change their passwords not only on the TwoPlusTwo forum but also on any other accounts that share the same password.