Just to update, videogamesm12 and root have since confirmed the data leak was in fact a reduced set of data that was previously leaked last year when one of the developers at the time had either their accounts compromised for the server, or shared their accesses (We don't know which, it's claimed to be a compromise). Access has since changed, The following thread has the full disclosure information - https://forum.totalfreedom.me/…lfreedom-developer-server
The data redacted would appear to be that of those who were involved in the attack, we're still investigating because it seems really stupid to have done that, but we have confirmed the data doesn't match what is currently on the live server, we are putting some additional steps in place to add additional layers of security into the existing infrastructure as part of routine security enhancements we have been considering.
-
The NM Issue has been identified as being executed by a separate party to the other two attacks, and we believe the issue stems from a security vulnerability in the web panel software, this is a different security issue to the one a few months ago, but both have the same result. We have put steps in place to disable the web panel and as a result should no longer have this issue. We will be re-launching the web panel on a different infrastructure model in the future behind additional layers of security as we do not want to and can not properly maintain our own web panel instance in the first place.
-
The forums continue to be the target of very aggressive cyber attacks, for context on a "Busy" Day the entire totalfreedom.me estate receives around 30K requests that Cloudflare has visibility over, yesterday we saw around 6 Million unique requests to our infrastructure, and that is only what Cloudflare picked up. The attackers appear to have identified some ways around the cloudflare proxy's and as such the attacks from the last few hours won't be included in the metrics we will start to see tomorrow.
We continue to work to mitigate and stabilize the forums against these attacks, and apologise for the disruption.