Important Mir3 test server DB leak

Tai

HEAD CAPTAIN
Staff member
Administrator
May 11, 2003
14,279
2
2,645
515
United Kingdom
Dear all,

It has come to my attention that a small user database from November containing personal information such as names, email addresses, IP addresses, usernames and encrypted passwords has been accidentally leaked to the public. As it was a test server I have been told that players affected is limited to just 15.

Anyone who played the Olymp Mir 3 test server should now take appropriate precautions to ensure their email accounts, PayPal etc are all secure.

I should take this opportunity to remind everyone the importance of using UNIQUE usernames and password for each and every private Mir server that they play.


/LOMCN Administration
 

zedina

Mir3 Dev
Legendary
Dec 22, 2005
3,167
1
1,017
340
Not looked into it myself.
I noticed that some guy Riayo spammed discords with the Olymp Server Launcher,

Checked their ftp (lmfao azure trial) and saw the paypal logs and stuff (didnt touched because i dont want drama)

Today i had a talk with one of Guild Leaders from my server and he told me he been on Olymp Alpha for months which had a static IP.

Asked the GameMasters from Olymp to provide me the truly list of players (just char name) so i can scan PledgeOfBlood database to prevent accounts getting scammed. Ofc Admins ignored and said they handled it, HANDLE WHAT?

Very disapointed from Olymp, shame Triton its not here anymore (dont even think he knows about this "Olymp")



unknown.png

unknown.png
 

Pottsy

Legend
Legendary
Feb 26, 2004
3,275
251
329
Wait...they put all of that on an open FTP willingly? I would assume without realising or are they just thick? lol. But to also have Paypal logs on their too...my god :D

I hear this is assisted by ExCaLa too? I'm somehow not surprised and would to some extent even believe this was intentional...one way to kill a server before release i guess.
 

zedina

Mir3 Dev
Legendary
Dec 22, 2005
3,167
1
1,017
340
Hopefully, anyone who helped test that server had the brains to use a throwaway email and password.

They did not, 3 of 10 players who played my server(10 players confirmed they was on their beta at some point) used their usual email.
Now most of them succeeded to reach to the ISP to change their static IP and they changed passwords on my server.

Olymp should be flagged as avoid/untrusted for this sensitive data leak,
I suspect already the leaked data to be more than 15 since they had 25 alpha grades on his discord.

Image some chinese decrypting the users.db and try 25 accounts on all zircon servers (zenx,sea,usa,ancient,infamous,ben,xenos) and rip accounts off.
 
Last edited:

Pottsy

Legend
Legendary
Feb 26, 2004
3,275
251
329
Ripping off other server accounts is the least of peoples concerns. Many a times have people been told not to use the same details...if they continue to do so, that's their own fault.

But to have Paypal or any other real life information be involved is disgraceful, as no doubt the people stupid enough to use the same details over and over are likely the same kind of people to use those details on Paypal and other legit online services like clowns.

My advice to those players would be to go full whack on all of your online services and mass change them all to something completely unrelated before you get fked
 

Tai

HEAD CAPTAIN
Staff member
Administrator
May 11, 2003
14,279
2
2,645
515
United Kingdom
Ripping off other server accounts is the least of peoples concerns. Many a times have people been told not to use the same details...if they continue to do so, that's their own fault.

But to have Paypal or any other real life information be involved is disgraceful, as no doubt the people stupid enough to use the same details over and over are likely the same kind of people to use those details on Paypal and other legit online services like clowns.

My advice to those players would be to go full whack on all of your online services and mass change them all to something completely unrelated before you get fked

This was a test server; the only pp transactions were GM tests, but yes as I said it would be prudent to take those precautions anyway.
 

Vaytrex

Dedicated Member
Dedicated Member
Oct 21, 2016
227
41
54
Can someone pm me the email effected so that I can inform some of the player too?
 

zedina

Mir3 Dev
Legendary
Dec 22, 2005
3,167
1
1,017
340
You're free to direct your players to this thread :)

To give free advertising to that crap server where GM are not careful with sensitive data?
No thanks.

If the owners of that server were dumb enough to leak it once, what will stop them doing it again?
 

Tai

HEAD CAPTAIN
Staff member
Administrator
May 11, 2003
14,279
2
2,645
515
United Kingdom
To give free advertising to that crap server where GM are not careful with sensitive data?
No thanks.

If the owners of that server were dumb enough to leak it once, what will stop them doing it again?
Free advertising? No that's just you

Sent from my SM-G970F using Tapatalk
 
  • Haha
Reactions: zedina

Vaytrex

Dedicated Member
Dedicated Member
Oct 21, 2016
227
41
54
To give free advertising to that crap server where GM are not careful with sensitive data?
No thanks.

If the owners of that server were dumb enough to leak it once, what will stop them doing it again?
Absolutely truth haha!
 

SmavidDavid

Playing Legend of Mir 5
Legendary
Jun 13, 2006
4,100
509
310
Worthing, West Sussex
To give free advertising to that crap server where GM are not careful with sensitive data?
No thanks.

If the owners of that server were dumb enough to leak it once, what will stop them doing it again?

Didn't your mother teach you if you've nothing to say thats nice, shut your mouth? 🙄

Im sure this is not the first time you've accused Tai of advertising another server via an announcement/post about something relatively important.
 
  • Dislike
Reactions: XloverBoy7X

zedina

Mir3 Dev
Legendary
Dec 22, 2005
3,167
1
1,017
340
Didn't your mother teach you if you've nothing to say thats nice, shut your mouth? 🙄

Im sure this is not the first time you've accused Tai of advertising another server via an announcement/post about something relatively important.

By free advert means there will always be naive users who will see this thread and try the server anyway, use same EMAIL/PW and roll on.

LEAKED DATA -> SENSITIVE INFO -> EMAIL/PW DECRYPTED -> TRY OTHER SERVERS -> SCAM ACCOUNTS -> MORE PROBLEMS FOR THE REST OF SERVERS THAN OLYMP.

By free advertising i ment that the problem could of been solved by removal of Olymp advert and not doing a mega spam of this so malicious idiots start rip accounts on other servers.

Regarding to the 15 accounts and "GM set the accounts" is false, i got players from my server who confirmed they used their personal email (that its used on mir servers) on that server along with their STATIC IP.

Let's not forget Brolly spammed my discord users (which i sent proof to Tai looooooong time ago)
Some players are naive enough to use same email/pw on zircon servers.

brolly03/05/2020
YouTube
Brolly
Olymp Legend Of Mir 3
 

Tai

HEAD CAPTAIN
Staff member
Administrator
May 11, 2003
14,279
2
2,645
515
United Kingdom
Are you high or just plain retarded?

Tai said:
I should take this opportunity to remind everyone the importance of using UNIQUE usernames and password for each and every private Mir server that they play.

If you know people who don't want to take this advice, THAT IS NOT MY PROBLEM.
 

Brolly

Loyal Member
Loyal Member
Mar 11, 2020
57
25
30
Middlesbrough
This player was never in alpha/beta, he sold his account and recalled it back 2 days later. and now is trying to sell other things.
 

Chalace

Dedicated Member
Dedicated Member
Jan 18, 2014
1,823
275
125
"The chineses"
Image some chinese decrypting the users.db and try 25 accounts on all zircon servers (zenx,sea,usa,ancient,infamous,ben,xenos) and rip accounts off.

You really are an ignorant, racist little ****. Aren't you?
Also, it's 'Chinese', you illiterate pig.

That is all.