The database from EVE-Survival was recently distributed widely so that others could continue the mission of providing guides to EVE’s missions, anomalies, and combat sites. Unfortunately for anyone who’s contributed to the site over the years, that database was distributed with usernames and passwords not only intact but unsalted. The story first broke on Reddit, and INN has independently verified. In total, more than 4000 accounts are reported to have been compromised.
If you had an account on EVE-Survival, you should change any and all passwords that may have been shared with other sites, even if those are only “similar” passwords. Poor password storage practices and database breaches happen regularly, even on major websites so this should be a reminder to all to follow safe password practices:
- Use unique passwords for EVERY site and service you log onto.
- Choose difficult to guess passwords – preferably randomly generated, and make good use of the entire allowance of length and characters every time.
- Use a password manager to alleviate the burden of generating and remembering good passwords.
- Use 2FA wherever it’s offered, and demand it if it’s not offered.
Stay safe out there!