Warning! Possible Hacking Attempt -RYA

MikeBz · 24 Jan 2020

I only got the message on the web page when I manually logged out of the site (my browser logs me in by default when I visit). No email, which is a bit poor - it's a bit much to assume we all manually log in to the site every day. It was only by reading this thread that I became aware, so thanks to the OP.

Mistroma · 24 Jan 2020

MikeBz said:
I only got the message on the web page when I manually logged out of the site (my browser logs me in by default when I visit). No email, which is a bit poor - it's a bit much to assume we all manually log in to the site every day. It was only by reading this thread that I became aware, so thanks to the OP.

Same here. I rarely visit the site, didn't get an email and only found out from this thread. Thanks to OP.

I logged in using a VPN, Brave browser in private mode and Password Safe going directly to the logon page. I got a message about the data breach and a button to revalidate my email address. The email had a temporary password and a redundant link to change the password. I was still at the login page and able to paste in the new password to login. I was then asked if I wanted to change the password and had email confirmation after making the change.

RYA are obviously prompting all new logins but should really have emailed a warning. I avoid giving permission to 3rd parties whenever possible and didn't sign up for SafeTrx. I suspect RYA may only be mailing people with entries in the stolen database. Perhaps that's reasonable but is likely to generate more worries about fishing emails when people find out that their friends didn't get an email. Very odd to contact non-members.

RYA's system generated password wasn't particularly secure (only 7 lower case characters) . I have set Password Safe to generate ones like _.JoF#$24bXP for sites unlikely to be of much interest to hackers.

Daydream believer · 24 Jan 2020

I cannot go into the RYA site to change the password as I do not have a clue what my password was in the first place so i never bother.

Mistroma · 24 Jan 2020

Daydream believer said:
I cannot go into the RYA site to change the password as I do not have a clue what my password was in the first place so i never bother.

You could just click on their "Forgotten your password" link in the login page. It should email a temporary password. Of course it might just place the request in a place where the original hacker can find it so that he/she can pass on your login details.

V1701 · 24 Jan 2020

I've never been a member, only connection I have had is sailing quals & ICC, saying that maybe I took a years membership with "free" ICC instead of just paying for ICC, who fecking knows. There are too many things we need passwords for now to remember them all, they're all too prescriptive about what you can and can't have as your pasword that you can't use your pet's name any more so what do you do? Start writing them down somewhere probably, or email them to yourself. I don't know what the answer is, password manager anyone?

pvb · 24 Jan 2020

neilf39 said:
Ever entered one of their competitions or bought anything from them? Have you had any other emails from them in the past? Maybe got on to one of their mailing lists which is part of the same database. Could be they were an associate of a site you do have a login with and your details were shared if you ever clicked on, or didn't unclick one of those boxes saying your details could be shared with other parties. It is so easy for other companies to get your email and other details.

Nope. The email address they used for me is relatively new, and is the one which YBW have on file.

V1701 · 24 Jan 2020

pvb said:
Nope. The email address they used for me is relatively new, and is the one which YBW have on file.

Which brings into dispute the RYA's claim that the database that "may" have been hacked was created in 2015...

pvb · 24 Jan 2020

V1701 said:
Which brings into dispute the RYA's claim that the database that "may" have been hacked was created in 2015...

Exactly. I've emailed the RYA to ask where they got my email address from. Frankly, I don't expect an answer.

VicS · 24 Jan 2020

pvb said:
Exactly. I've emailed the RYA to ask where they got my email address from. Frankly, I don't expect an answer.

You could try signing in with this email address but hitting "i've forgotten my password" .

If your email address is recognised ....... which presumably it will be ..... they will send you a temporary password. You can log in using this then go to "your Account" and "edit profile" and you will see the name and address of the person who signed in in the first place using your email address.

If it turns out to have been you all along seek help.

Ammonite · 25 Jan 2020

VicS said:
You could try signing in with this email address but hitting "i've forgotten my password" .

If your email address is recognised ....... which presumably it will be ..... they will send you a temporary password. You can log in using this then go to "your Account" and "edit profile" and you will see the name and address of the person who signed in in the first place using your email address.

If it turns out to have been you all along seek help.

I thought I'd try this having received the email. Input the same email address into the rya site and it says there's no record of it on file. Go figure! I've never been an rya member but have done some qualifications

pvb · 25 Jan 2020

VicS said:
You could try signing in with this email address but hitting "i've forgotten my password" .

If your email address is recognised ....... which presumably it will be ..... they will send you a temporary password. You can log in using this then go to "your Account" and "edit profile" and you will see the name and address of the person who signed in in the first place using your email address.

If it turns out to have been you all along seek help.

Well, I got a reply to my email to the RYA. It reads...

"The Data in question was held by a 3rd party and dated back to 2015, I have checked our current systems and the address ********@********.com cannot be found, prior to around 2017 we may have stored data received from many sources including, Boatshows, Sailing Club Days and Conferences, after this date and with a view taken on the new Data Protection Act 2018 with the GDPR guidelines we took steps to remove all unnecessary data.

The 3rd party information unfortunately at this point in time was not removed and was what subsequently was breached on the Internet including an email address and a SHA-1 encrypted password.

I can contact the 3rd party to see if we can find out any more information for you and I apologise for the inconvenience this has caused.

Please reply if I can be of further assistance in this matter."

I've asked them to identify the 3rd party.

Warning! Possible Hacking Attempt -RYA

MikeBz

Well-known member

Mistroma

Well-known member

Daydream believer

Well-known member

Mistroma

Well-known member

V1701

Well-known member

pvb

Well-known member

V1701

Well-known member

pvb

Well-known member

VicS

Well-known member

Ammonite

Well-known member

pvb

Well-known member

Members online

Share this page