Plutonium breach
-
I assume that there has already been some dfir done by the admins however since there doesnt look to be any official communications, has this been dealt with? Will there be a disclosure & forensic report done by the admins?
Link removed -
Please do not post links to piracy and other sensitive content, for obvious reasons.
I will contact the admins and answer when I can -
We know there've been multiple attempts to scrape the publicly accessible user data (username, id, email if the user has opted-in to show it, etc.) and the dump in question is most likely from one of those attempts. Since noticing this (last year) we've added several mitigations, and haven't seen such attempts for quite a long time now. As far as we can tell no sensitive information have been leaked, which is why we haven't formally disclosed these attempts.
EDIT: See https://forum.plutonium.pw/topic/25366/notification-of-plutonium-forum-databreach-september-2021
