  #43  
01-20-2021, 11:16 AM
Mark17
M@rk S@tterstr0m
Member
 
Join Date: Aug 2011
Location: Minnesota
Posts: 1,952

What I would like is some assurance that ALL of the code the hackers seized control over has been thoroughly inspected, or compared to backup (clean) versions. Specifically, if I click on a link on one of the affected auction sites, is that link taking me where it's supposed to?

After previous discussions here and a couple of PMs I received, I, personally, am not too concerned about any of my personal data having been stolen. I do think all the AHs involved should force everyone to change their passwords, however.

As a computer guy, what I am most concerned about is the integrity of all the code the hackers had control over, and whether or not there can be assurances given that there aren't new vulnerabilities built into it, not just at the higher levels where hackers could gain system-wide access, but also at the individual AH level.

For instance, about 6 years ago a company I worked for was hit by a ransomware attack. I was the first to notice our files were in the process of being corrupted, seeing folder after folder turn into gibberish. The IT guys shut down and loaded a system backup from the previous day, so our company hit was just one day of lost work, and they later told me the hack had come in through a .pdf someone at another site had opened.

So, do any of the affected AHs produce invoices in .pdf format? If so, was that code available to the hackers to replace or modify? Has all of that kind of potential problem been fully analyzed so the whole system can be reasonably considered safe for users?

I am not saying the examples I mention are applicable here. I have no idea what has been done by the hackers or the people working to clean up the sites. All I am saying is that, generally, when a hacker - a thief - has control of a system for a number of days, there are, potentially, a variety of nefarious things that can be done.

I think some detailed assurances should be given, for the sake of everyone, as to the thoroughness of the cleanup.