Return to Project-GC

Welcome to Project-GC Q&A. Ask questions and get answers from other Project-GC users.

If you get a good answer, click the checkbox on the left to select it as the best answer.

Upvote answers or questions that have helped you.

If you don't get clear answers, edit your question to make it clearer.

Categories

geocheck.org hacked - change your passwords

+4 votes
1.7k views
Alas a nasty person has done nasty stuff to geocheck.org and downloaded their accounts database (and more). If you use the same password on geocheck as you do on other systems (such as other geocaching related sites) change your passwords immediately. Geocheck has updated their systems, and you should change your password there too. Full details on geocheck's website.
in Miscellaneous by the Seagnoid (Expert) (46.3k points)
edited by the Seagnoid (Expert)
Is this verified? Source? I see nothing in the official forum. Thanks, DerLakaiMS
by DerLakaiMS (6.7k points)
As was stated in my original posting: Full details on geocheck's website. (www.geocheck.org)
by the Seagnoid (Expert) (46.3k points)

1 Answer

0 votes

Yes this is pretty sad sad

Here below is a copy/paste of what can be read on the website as posted by Samuel aka iChicken.

He does encourage every one to change their passwords.

--------------------------------------------------------------------------------------------------------------------------------------------------------------

GeoCheck hacked!

Unfortunately, I have just learned, that Geocheck.org has been hacked. The entire database has been downloaded, including cache solutions and hashed passwords.

The passwords are hashed, so they are fairly secure, especially for longer or more complex passwords. However, to be sure, it is recommended for everyone to change their passwords. If you use the same password at Geocaching.com or other sites, I recommend changing them there as well. Additional security surrounding the passwords have been implemented going forward. Further, the vulnerability used to hack the site has been plugged.

A file has been released on the Internet with about 27.000 cache solutions. Of those about 50% comes from GeoCheck.org, the rest originate from somewhere else - exactly where is unknown at the moment.

To reiterate: The entire database has been downloaded, including all the cache solutions from GeoCheck.org. That means that there are still a lot of solutions downloaded that hasn't been published publicly (yet). Though sites hosting the file containing the leaked solutions have been contacted to try to force the sites to retract them, past experience unfortunately dictates that once data is in the wild it is hard/impossible to obliterate.

Words cannot express how sorry I am for this to happen - and how astounded I am of the time and ressources unscrupulous hackers will dedicate to hacking a site supporting the simple innocent pastime that is Geocaching - without any possibility of financial gain or glory. In an age where government sites and large corporations are hacked as a matter of course, providing bulletproof and complete protection for hobby projects such as GeoCheck has proven to be very difficult.

I can only appeal to the better nature of geocachers worldwide and earnestly implore folks to not use the coordinates to cheat - but instead acknowledge the time and effort cache owners have dedicated to creating interesting and ingenious puzzles.

Once again, I am very sorry for this to happen!

Sincerely,
Samuel AKA iChicken

--------------------------------------------------------------------------------------------------------------------------------------------------------------

by Carangue (1.0k points)
 | PGC Theme, based on Snow Theme by Q2A Market
Powered by Question2Answer
...