Technic News

Forums database breach

If you have an account on our forums or wiki, and are using your password somewhere else, change it immediately. You should still be fine, but this is a necessary precaution.
Our forums and wiki got compromised by an unknown third-party. On Friday a user warned us that our wiki was redirecting to some Chinese website. As a precaution, we took down that machine (forums + wiki) while we investigated the issue. Now, we are aware that a malicious unknown third-party injected a PHP shell in our server, most likely through a Mediawiki vulnerability. Upon further inspection, we discovered that the forum database had been leaked. For now, our forums and wiki remain offline, while we assess the situation and decide what to do next.
We apologize for this situation, and moving forward we will harden our security surrounding external systems, such as the forums and wiki. and Technic Platform (that includes the launcher) are not affected. Only the forums are affected.
Your Minecraft account is completely unrelated, so it's safe as well.


You must be logged in to comment. Click here to register a new account or log in.
The chinese shall be banned from Technic, The chinese are hackers, They are blocked from this website prob by now but still they might not be.
Edwardplayz 3 years ago
lukgamesmitoo 3 years ago
minkg0147 4 years ago
how could I submit my article here?
greenetelsea 4 years ago
I just lost a ~10 year account because of this breach. I really wish you guys emailed us because I would have updated my information right away if I knew the breach occurred. Because my information was the same as my Minecraft, they were able to take my account which has the transaction email on an email that was discontinued. Please send emails next time. I get that you guys caught it quickly but I never knew that it happened until 6 months later.
slapbox 4 years ago
they did email you. look 4 comments above yours
Posted by macks2008 4 years ago
i have a FML problem pls can fix it or ? thx
The forums are now back again. All passwords have been invalidated, and an email explaining this has been sent out. You will need to reset your password before attempting to login on the forums.
Pyker 5 years ago
I'm guessing this has something to do with the continual downtime of the forums. But darn, can't believe it was leaked in such a way. Well, hope forums do come back and are working again.
NovaLynxie 5 years ago
Robotkid067 5 years ago
I recommend The Laboratory Revisited HQM
Posted by Robombie 5 years ago
i need a good modpack
Robotkid067 5 years ago
I was wondering what happened to the forums! I admit, I was pretty mad that I couldn't access the site (because I was unaware of what was going on) - good on you guys for taking the right course of action! Hope it's not too much of a mess!
poot_n_scoot 5 years ago
Tdogo 5 years ago
wut is the best modpack vote
Robotkid067 5 years ago
Best modpack: Life in the village: RMC edition
Posted by Edwardplayz 3 years ago
wow I had to make a new account because it said my email wasn't registered what's ironic is I didn't see this till today and haven't played Minecraft whatsoever until yesterday.
Tyronez 5 years ago
literally the reason to block china from accessing your servers. How many good things come out of the network in china? that firewall is there to protect us not them.
Xyberviri 5 years ago
Good job on reporting it right away! I received a message from haveIbeenpwned right away. I had an account at one time, but when I went to sign in, it said it couldn't find my account. I went ahead and created a new one and enable 2FA to keep it secure. I hope this won't conflict with any account for the forums once they're back up?
adamvan2000 5 years ago
press f to pay respects
KyroKrypt 5 years ago
Posted by MassiveAlexander12 5 years ago
Posted by Edwardplayz 3 years ago
KyroKrypt 5 years ago
emanuelvsm2009 5 years ago
The passwords are encrypted with bcrypt with a cost of 13 (possibly a different salt for every password but i'm not certain about that)
oscrx95 5 years ago
They had better salt and hash the passwords. Nonetheless, you don't want to take chances, especially if you reuse passwords or don't use a secure password.
snarfblam 5 years ago
What do you mean? Don't you hash your passwords?
Anisic 5 years ago
They most likely do, but the hackers can intercept logins and passwords from machines they hacked.
Posted by Flipper31 5 years ago
Yeah, they hash all passwords, but do you want to take the risk?
Posted by Flipper31 5 years ago
Of course they do, but even the hash of a password, if given the right information that could be obtained from other sources, could be used to produce the correct password. Although that's a "pretty big 'if'", it's still better to be safe than sorry
Posted by macks2008 5 years ago
Damn! Hope nothing will be lost for you guys. Good Job for having stopped them already.
appolon41mc 5 years ago