Password hacked

AntonLargiader

Veteran Member
Joined
Jan 9, 2004
Location
Charlottesville, VA
TDI
'98 Jetta, '03 Jetta wagon
I got an email from a wanna-be scammer listing a password that of mine that he had. It was from here only, and I haven't used it in forever (it was to a previous account) so it's nothing to me, but if several people have the same thing happen then it might mean that there's been a data breach here.
 

Danielg42

Veteran Member
Joined
Jun 5, 2007
Location
Irvine, CA
TDI
B5 Passat BHW - 6 speed manual
yea, I changed mine this morning....
It was an old and short password I had used here, but for me it could have been breached elsewhere, as well...
 

AntonLargiader

Veteran Member
Joined
Jan 9, 2004
Location
Charlottesville, VA
TDI
'98 Jetta, '03 Jetta wagon
OK. FWIW here's the email I got; let me know if you got the same one. He listed the actual password in the subject and the first line.

EDIT: OK, looks like it can't be pasted. Must all be unicode or something.
 

lousyg

Member
Joined
Feb 18, 2013
Location
Chicago
TDI
2012 Passat SEL
This has been going on for nearly a year. I use an email address specifically for tdiclub and I started getting these messages early 2019. I still get them occasionally (got a new one yesterday). A couple of us brought it up then but I'm not sure if anything was ever done.


I think I'm going to change my password here (to something new/unique) and see if the spam starts referencing the new password. That should tell us if the site is still hacked.


Edit: I'll add that I looked at the bottom of the page and see the site runs "vBulletin" version 3.8.5. The current released version is 5.5.6. Also, a quick Google search shows that there are multiple exploits that affect the version tdiclub runs. Hard to tell if they actually affect the site configuration, but it's always a good idea to keep the website software up to date.
 
Last edited:

EECSentric

Veteran Member
Joined
Mar 21, 2004
Location
Arlington, MA
TDI
2015 GSW TDI SEL DSG LP
I received the same type of email which included an attempt at extortion, etc.

I would strongly amplify the request to the admins to update the server & vBulletin. If the server is compromised, then the issue goes beyond someone stealing passwords. From my experience, they can also insert trojans and other malware directly on the site which can lead to the site getting blocked by google and ISPs. It's a huge hassle getting back from that.
 

VW Derf

Administrator
Joined
Jul 3, 1996
Location
Richmond, BC, Canada
TDI
2010 Blue Graphite Pearl Golf Variant
Hi Everyone,

Thanks for bringing this to our attention and we are looking into this. General recommendations are to use different passwords for different sites and to change passwords periodically.
 

tvmaster

Veteran Member
Joined
Jun 8, 2010
Location
Socal
TDI
2010 JSW
Hackers / extortionists breached TDIClub

Happened to me this week as well. They got email address and password. Haven’t logged in in about three years, until today when I changed email & password. Has this breach been reported to users? If so, I don’t remember getting the email. ***?
 

tvmaster

Veteran Member
Joined
Jun 8, 2010
Location
Socal
TDI
2010 JSW
Hi Everyone,

Thanks for bringing this to our attention and we are looking into this. General recommendations are to use different passwords for different sites and to change passwords periodically.
Hi. So you’ve had a week to ‘look into it’. What did you find? Who breached the site, and what information did they get, if any? We’d like to know so as to secure other emails/accounts/passwords which may be tied to TDIClub.
Thanks
 

pedroYUL

Veteran Member
Joined
Sep 8, 2011
Location
MI, USA
TDI
2004 Jetta wagon BEW; 2015 Passat SE CVCA; 2015 GSW CRUA
This can happen to you on a different mechanism: if you store your passwords in your browser, or phone, use autofill, Tapatalk...and that device gets compromised.

I'm sure there is other ways your info could leak, but that is the one that comes to mind right now.

I have not received any emails with my login and password to this site, or any site...knock on wood.
 

40X40

Experienced
Joined
Feb 12, 2006
Location
Kansas City area, MO
TDI
2013 Passat SEL Premium
I got a similar threatening email. My password was unique to this site. If the site continues to run on an antiquated version of vBulletin, it will happen again.
 

IndigoBlueWagon

TDIClub Enthusiast, Principal IDParts, Vendor , w/
Joined
Aug 16, 2004
Location
South of Boston
TDI
'97 Passat, '99.5 Golf, '02 Jetta Wagon, '15 GSW
I recently saw one of these emails in my spam folder, didn't occur to me that it might be from here. I wasn't terribly concerned about it. Honestly, we all have to operate on the assumption that any site we visit, any computer we use on a network, and our phones can be compromised at any time. Use good practices regarding usernames, passwords, and two factor authentication, and you'll minimize your exposure. That's really the best you hope for. My username and password here is unique to this site, and there's no type of payment processing done here (PayPal doesn't count). So I'm OK with continuing to visit TDIClub.com.

Those of you that visit idparts.com may have noticed we have a new store platform. Although it provides a lot of improvements we wanted on our shopper experience, the big motivator for the upgrade is improved security. It's an ongoing effort.
 
Last edited:

VW Derf

Administrator
Joined
Jul 3, 1996
Location
Richmond, BC, Canada
TDI
2010 Blue Graphite Pearl Golf Variant
Hi everyone,

Sorry for the delay in responding directly to this. I have been looking into this and while I have not tracked down any specific compromise of the forms, it is entirely possible at one point it may have happened at some point in the past given the feedback from members.

If you receive such an email, please delete it and do not respond to it as they are obliviously a scam. Also please change your password, especially if you used the same username/password combination across other sites in the past as that is considered a bad practice. I highly recommend everyone follow password management best practices such as not reusing passwords between sites and changing them periodically along with following other best practices.

Moving forward I have spent all my available time of the last several of weeks restarting the migration of this forum software that is better support and modern. While I have made numerous attempts over the past few years, they have always been stopped due to a few issues. The most significant was the fact that the two potential platforms that were viable did not properly support linking to many of the existing images and documents nor adding new resources, specifically anything that isn’t an image (i.e. PDF, word files, etc.). IMHO those are very valuable resources I did not want to loose that info from the past and into the future. While both options that I have considered have made many advancements in the past few years to limit the loss of data, they still aren’t 100%.

I have come to the unfortunate conclusion that it won’t be a perfect migration to a new platform, so I’m pressing ahead and will just select the option that will be good enough. Once the test migrations to these two test platforms is complete, I will solicit some input from the membership to help determine which software to move to. I’ve almost completed the migration to one of the test sites, but I am still working with support on the other option to deal with some migration issues. I’m hoping to have the test sites up early next week, but some of the progress is out of my hands.
Anyways, I wanted to give everyone a quick update so you don’t thing this issue is being ignored and a path forward is being rigorously being worked on.

Fred
 

BobnOH

not-a-mechanic
Joined
May 29, 2004
Location
central Ohio
TDI
New Beetle 2003 manual
One strong vote for keeping this platform. Do you think it's any less secure? There's been a rash of hostage type scams recently, most of what they get is old data, they all want bitcoin. One had my home password, I did not respond, nothing happens, changed my password a week or 2 later.
 

Ludachris

New member
Joined
Jun 5, 2020
Location
California
TDI
Touareg - Soon
Hi everyone,

Sorry for the delay in responding directly to this. I have been looking into this and while I have not tracked down any specific compromise of the forms, it is entirely possible at one point it may have happened at some point in the past given the feedback from members.

If you receive such an email, please delete it and do not respond to it as they are obliviously a scam. Also please change your password, especially if you used the same username/password combination across other sites in the past as that is considered a bad practice. I highly recommend everyone follow password management best practices such as not reusing passwords between sites and changing them periodically along with following other best practices.

Moving forward I have spent all my available time of the last several of weeks restarting the migration of this forum software that is better support and modern. While I have made numerous attempts over the past few years, they have always been stopped due to a few issues. The most significant was the fact that the two potential platforms that were viable did not properly support linking to many of the existing images and documents nor adding new resources, specifically anything that isn’t an image (i.e. PDF, word files, etc.). IMHO those are very valuable resources I did not want to loose that info from the past and into the future. While both options that I have considered have made many advancements in the past few years to limit the loss of data, they still aren’t 100%.

I have come to the unfortunate conclusion that it won’t be a perfect migration to a new platform, so I’m pressing ahead and will just select the option that will be good enough. Once the test migrations to these two test platforms is complete, I will solicit some input from the membership to help determine which software to move to. I’ve almost completed the migration to one of the test sites, but I am still working with support on the other option to deal with some migration issues. I’m hoping to have the test sites up early next week, but some of the progress is out of my hands.
Anyways, I wanted to give everyone a quick update so you don’t thing this issue is being ignored and a path forward is being rigorously being worked on.

Fred
Curious what forum platform you're thinking of migrating to Fred. I was really surprised to see this site is still on vB 3.8. I imagine the server OS is likely very old too, in order to still be able to run this version of vB. Which means there are multiple security issues beyond just the forum software.

I just joined to start doing more research on a Touareg TDI purchase we're considering here soon. I also happen to own and operate a couple forums that used to run on vB long ago. They now run on Xenforo.
 
Top