DISCLAIMER: This was a result of HDA staff getting slack with security + passwords which made us an easy target for hackers, if you follow this guide and change your passwords often without having too many duplicates, this won’t happen to you!
As I said last post, HDA was hacked, we all freaked out, Dean got the account safety banned so no more damage could be done, and the rest of the founders got on with what needed to be done next!
I started to look back at what had happened at HDA, details regarding the hacker were few and far between, so I started looking through our own discord chats, and found something really interesting…
The HDA forums hack!!! WE HAVE BEEN HACKED BEFORE!!!!!
“Black Thanos” was the only detail that we really had on that hacker. And it JUST SO HAPPENS there were details I found on our HDA-Founder hacker that matched the hack on the forums. I promptly freaked out and shared the news with my fellow founders
We never really worried much about the forums, we obviously were concerned but our energy was spent rebuilding the forums, not looking into who actually hacked us. Since I now had a link between this hack and the forum hack, I could dig deeper into the forum hack to see what info I could find about the HDA-Founder hack. BUT I was also still looking at our emails and stuff, and I had a bit of a breakthrough…
This guy KEPT COMING UP (but more on that later) but what I actually found was…
Some LITERAL PSYCHOPATH had logged into our forums, grabbed our emails, then compared our emails to hacked websites outside of Habbo (like Haboon, Town of Salem etc.) and listed our passwords as well, it was published by Liam, in August 2019 and listed everyone from founders to 5ic ranks back in August. Not everyone who was there in August was listed there, but almost everyone was.
I tried to remove it but it still exists, so PLEASE CHANGE YOUR PASSWORDS
(update, as of 8 March 2020 it has been removed)
I contacted everyone who had personal details on there, so if you haven’t heard from me you don’t need to panic, but I seriously hope this makes EVERYONE realise YOU HAVE TO CHANGE YOUR PASSWORDS if everyone just had a different password to the one they used on the hacked website, this wouldn’t have happened at all.
We started making more connections…
So people were getting our details from this document and using it to log in and mess up our forums. I kept talking to people who had details on this doc, so I could work out where these details came from, at first I thought it was proboards hacked, but we realised that it wasn’t always the same. I would say MOST of the details on this doc I found was inaccurate, Matt had an address listed next to his name…
And people who had passwords listed said they were inaccurate, except for the people who we knew had been hacked into. Sarah quickly had this honestly amazing idea:
And that is why you can’t see emails on the forums anymore! While most of our emails are still *out there* as long as we keep changing our passwords (or our emails) we will be ALL GOOD.
Edited by: Vibrational