TwoPlusTwo forum members are being prompted to change their passwords and warned to take extra precautions when trading or staking players on the forum.
Rumors that the TwoPlusTwo forum database had been hacked started circulating yesterday after professional poker player Max Silver tweeted that he had been advised to change his password because of a data breach. After the rumors were escalated to TwoPlusTwo management, administrators placed a pop-up on the site prompting members to change their passwords.
Unfortunately, the pop-up included a link that many visitors to the site were suspicious of – raising concerns that the pop-up itself might be a trap. Eventually database administrators Mat Sklansky and Chuck Weinstock went online to confirm the data breach and verify that the message prompting members to change their passwords was genuine.
How Significant is the TwoPlusTwo Breach?
More than 400,000 members are subscribed to the TwoPlusTwo forum, and it is believed that every username, password, and email address has been extracted, along with any personal data included in members' profiles. Although the passwords were hashed, simple passwords can be recovered from their hashes fairly easily. Therefore, if you are a TwoPlusTwo subscriber, it is fair to assume that your details have been compromised.
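The point about hashed passwords deserves a concrete illustration. The following is an added example written for this article, not code from TwoPlusTwo or its software, and the article does not say which hashing scheme the forum used. It contrasts a fast, unsalted digest, where every member who picked the same simple password ends up with the same stored value, so one precomputed digest exposes all of them, with a salted, slow hash (PBKDF2-HMAC-SHA256) where the same password produces different stored values per user. It also shows a registration-time check that refuses the kind of simple password that remains cheap to recover no matter how it is hashed. The password list and the iteration count are constructed for the example.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Constructed sample list of the kind of "simple" passwords that are cheap to
# recover once a hashed database leaks. Not taken from the forum.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "poker"}

PBKDF2_ITERATIONS = 200_000  # assumption: a deliberately slow work factor


def fast_unsalted_digest(password: str) -> str:
    """A weak storage scheme: one fast digest, no salt. Illustration only;
    the article does not state which scheme the forum used."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def unsalted_digests_collide(pw_user_a: str, pw_user_b: str) -> bool:
    """Two members who chose the same simple password get identical stored
    values, so a single precomputed digest exposes every one of them at once."""
    return fast_unsalted_digest(pw_user_a) == fast_unsalted_digest(pw_user_b)


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Salted, slow hash: a random 16-byte salt per user plus PBKDF2-HMAC-SHA256."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, dk


def verify_password(password: str, salt: bytes, stored_dk: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, stored_dk)


def salted_hashes_differ(password: str) -> bool:
    """Same password, two users, two salts: the stored values no longer match,
    so one precomputed table cannot cover everyone."""
    _, dk_a = hash_password(password)
    _, dk_b = hash_password(password)
    return dk_a != dk_b


def password_is_acceptable(password: str, min_length: int = 12) -> bool:
    """Registration-time check: refuse short or well-known passwords, which stay
    cheap to recover regardless of how well they are hashed."""
    return len(password) >= min_length and password.lower() not in COMMON_PASSWORDS


if __name__ == "__main__":
    print("unsalted digests collide:", unsalted_digests_collide("password", "password"))
    print("salted hashes differ:", salted_hashes_differ("password"))
    salt, dk = hash_password("correct horse battery staple")
    print("verify correct:", verify_password("correct horse battery staple", salt, dk))
    print("verify wrong:", verify_password("password", salt, dk))
    print("accept 'password':", password_is_acceptable("password"))
```

The salt does not need to be secret; it only needs to be unique per user so that the attacker's cost scales with the number of accounts rather than the number of distinct passwords. The work factor is what makes each guess expensive, and the common-password check closes the gap that no hashing scheme can: a password that is on every guess list is recovered first whatever the cost per guess.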
The TwoPlusTwo data breach has a number of serious implications. Obviously, any member who uses the same username and password combination on any other account(s) should change the password on those secondary accounts as well, to prevent the hacker(s) from gaining unauthorized access to more than their TwoPlusTwo account. Using separate passwords for separate accounts is fairly standard online security.
More concerning to members should be the risk of social engineering and the potential for unauthorized access to online accounts that do not share the same password. If the hacker(s) have extracted personal information that could be used to reset passwords for other online accounts – dates of birth, location, etc. – it could be used for password recovery on websites with relatively lax security standards.
Security Advice for TwoPlusTwo Forum Members
The first thing members should do is change their passwords on the TwoPlusTwo forum and on any other accounts that share the same password. Never click on a link within an email sent to the address used to register the TwoPlusTwo account, no matter how confident you are of its authenticity. Always type the URL into the address bar of your web browser. It is inconvenient, but links are easy to disguise.
Make sure all your online accounts containing any sensitive data have two-factor authentication. Two-factor authentication is an extra layer of security that requires not only a username and password but also a one-time code or PIN, usually sent to a mobile device. This applies not only to online bank accounts and email accounts but also to your online poker accounts and sites like Amazon.com.
Members are also being advised to take extra precautions with other members when trading or staking on the TwoPlusTwo forum. It is being suggested that members verify who they are dealing with through a separate channel to confirm their identity. With so many usernames and passwords extracted, there will likely be a number of phishing attempts from apparently genuine accounts.
Target. Yahoo. TwoPlusTwo. Where Else?
A very useful link to www.leakedsource.com was posted in the thread about the TwoPlusTwo database hack by member “krazykarter”. He suggested visiting Leaked Source and entering any usernames, email addresses or IP addresses you use online in order to determine which of your other online accounts may have been compromised.
The Leaked Source website is not definitive. Despite having more than three billion accounts in its database, there have been significantly more than three million account hacks in the past couple of years (the Yahoo hack alone affected more than one billion accounts). Therefore, it is recommended that you conduct a thorough review of your online security and – if you clicked on the link above to visit Leaked Source rather than typing the URL into your web browser – review your own security practices!