Nexus Mods’ announcement regarding the issue said the security breach happened back on November 8th. The exploit was resolved as soon as it was discovered, the post said, and actions were taken to further tackle the problem.
Part of those actions involved bumping up the release of the new user service which is the upgraded version of the old service referenced above.
“We immediately worked to rectify the situation and, as part of the process, brought forward our release schedule for our long-planned new user service to ensure no other potential exploits on the old user service could be used to obtain user data,” Nexus Mods said in Thursday’s announcement. “This step we took is ensuring that the new passwords are not only better protected, but that any encrypted passwords that have - potentially - been obtained from the old user service are already out of date.”
As for the steps users can take in the wake of this issue, Nexus Mods recommended some of the usual actions suggested to users when it comes to password security and breaches like this one. Make sure you’re using the new user service, change your password, don’t share passwords across different sites, and consider using two-factor authentication if you aren’t already.
When asked why it took so long to tell the community about the security breach, a community manager responded in the comments to say the priority was to deal with the exploit and comply with EU regulations.
“As our immediate response we wanted to make sure the exploit is dealt with as quickly as possible, the new user service alleviating the issue is on its way - which required us to focus on testing a lot, and, lastly, we needed to assess the situation in its entirety before making rash decisions, especially considering EU regulations,” the community manager said.
Posted:
Related Forum: PC Gaming Forum
Source: https://comicbook.com/gaming/2019/12/19/nexus-mods-security-breach/
"Nexus Mods Reports Security Breach, Suggests Users change passwords" :: Login/Create an Account :: 1 comment