Quote:
Originally Posted by tigermom
Thanks for the heads up! Does that mean all nats sponsors have been compromised?
|
I doubt that ALL nats sponsors have been compromised, but any that had not already disabled the admin password that TMM used for updating and maintaining nats installs is/was vulnerable.
It appears that TMM's internal database of these admin logins was compromised. The fact that this information was even web accessible is appalling. A serious fuck-up by TMM, compounded by the fact that they knew there was some kind of 'hacker' problem many months ago and failed to inform ALL of their clients.
I spent a fair amount of time yesterday checking my account info for all sponsors I've signed up with that use nats. Not exactly how I'd planned to spend several hours yesterday.
"Fucking Nats!" is right. I think CCBill's new cascading solution may have a few additional clients after this fiasco.