Haha, as far as a CC is concerned everything's always perfectly good according to them. They could have at least released a blog informing them about the leak and asking users to change their passwords.
But how was @EscherehcsE allowed to have the same pfp as you without getting penalised?
Haha, as far as a CC is concerned everything's always perfectly good according to them. They could have at least released a blog informing them about the leak and asking users to change their passwords.
But how was @EscherehcsE allowed to have the same pfp as you without getting penalised?
There wasn't a leak. I could go out and get a random list of emails from anywhere online and do the same thing, using the same methods. If you have an email address you can find out if that address has an account here, then use the API (or a browser) to view anything on the profile.
*Snip* But how was @EscherehcsE allowed to have the same pfp as you without getting penalised?
Arbitrary enforcement of ambiguous rules based on subjective interpretation shaded by personal likes and dislikes.
In short, somebody out (not up) there hates me 
Haha, as far as a CC is concerned everything's always perfectly good according to them. They could have at least released a blog informing them about the leak and asking users to change their passwords.
But how was @EscherehcsE allowed to have the same pfp as you without getting penalised?
There wasn't a leak. I could go out and get a random list of emails from anywhere online and do the same thing, using the same methods. If you have an email address you can find out if that address has an account here, then use the API (or a browser) to view anything on the profile.
I don't know Martin. The news website calls it a leak [1]; the website where this data is available also has it under leaks [2]... Maybe you could call it a breach or something. English isn't my first or second language and I'm bad at it, so I don't even bother.
[1] - https://www.hackread.com/hacker-leaks-scraped-chess-com-user-records/
[2] - Maybe I shouldn't post this one.
I'm sure the staff will fix it sooner or later. 
*Snip* But how was @EscherehcsE allowed to have the same pfp as you without getting penalised?
Arbitrary enforcement of ambiguous rules based on subjective interpretation shaded by personal likes and dislikes.
In short, somebody out (not up) there hates me
I wonder who could hate the humble bunny. Must be a bunny hater. 
Though on a serious note, I sincerely hope Woolly got his card situation sorted and had no money stolen. The dude's going to be suspicious of even real emails now. Poor Woolly. 
😿
The email addresses came from leaks on other sites and were used to find accounts on this site using the add friends option. The rest is information the members added to their profiles and is publicly available.
Woolly contacted his bank , and asked them to cancel his credit card, which they have done . This means that these guys can’t get their grubby hands on Woolly’s hard earned dough . It will of course have some sort of impact on my chess activity on this site .
It will of course have some sort of impact on my chess activity on this site .
I'm a cybersecurity and fraud researcher and would love to work with you to research this a bit further. Do you still have the original email you received that you feel is related to this incident?
Woolly contacted his bank , and asked them to cancel his credit card, which they have done . This means that these guys can’t get their grubby hands on Woolly’s hard earned dough . It will of course have some sort of impact on my chess activity on this site .
In other words, nothing was done because there is no “Woolly”. Therefore, there is no bank. No “hard earned dough”. No security risk at all because you’re trumping up a fictional character. It doesn’t matter if others role-play along because role playing does not change reality.
No security risk at all because you’re trumping up a fictional character.
It appears personal information was disclosed without consent. There is a risk of targeted phishing attacks and this is what Woollensck3 may be experiencing.
No security risk at all because you’re trumping up a fictional character.
It appears personal information was disclosed without consent. There is a risk of targeted phishing attacks and this is what Woollensck3 may be experiencing.
There is no “Woollensck3”. That is not a real person.
How stupid can you be?
Careful, many around here might take that as a challenge. 😉
That's most likely related to this: to:.https://www.reddit.com/r/chess/comments/17rv9lp/comment/k8phtsm/
@woollensck3 FYI... I'm most certain it is not related to this information disclosure. I've seen data dumps of a Nov 8 and Nov 10 incident. "woollensck3" is in neither. I don't know if you have an alt.
Obviously this incident was about my real person , Gregg -Turkey was just being his usual stupid self . Best if you just ignore the poor guy !
That's most likely related to this: to:.https://www.reddit.com/r/chess/comments/17rv9lp/comment/k8phtsm/
@woollensck3 FYI... I'm most certain it is not related to this information disclosure. I've seen data dumps of a Nov 8 and Nov 10 incident. "woollensck3" is in neither. I don't know if you have an alt.
The first post says that it was a poor version of the username.
And consequently the wise Yorp closed his account. Stay safe yall
The leak didn't involve passwords though. He could have kept his account and just changed the password if he was that paranoid.
This site should have 2FA; Lichess has it. They even support Yubi keys there.
better safe than sorry - especially when there's little transparency and accountability. not a data breach they say :-)
nope, no 2FA - we'll add more flairs if you like.
edit:
i remember in the old days when you said you forgot the password, they'd send it to you via email in clear text :-) i'm sure those days are gone ...