DTRPG is under attack by hackers. They say they haven’t been compromised, but advise people to change their passwords as one of the attack vectors uses passwords obtained elsewhere to try to log in to your account, especially if the password you use there is used elsewhere too.
So to be safe, change your password.
To be clear — to my knowledge they haven’t been hacked. Nothing has been compromised. But somebody is attempting to do so, and they’re taking precautions.
They’ve also deactivated PayPal payouts temporarily while they work to secure things.
Hopefully it will all sort itself out soon! Announcement below.
On October 31, 2019, we reset the passwords for all customer accounts associated with publisher earnings, author/licensor royalties, or affiliate marketing earnings on our marketplaces: DriveThruRPG, DMs Guild, Wargame Vault, Storytellers Vault, Ulisses Ebooks, etc.
Our sites have been under attack from Russian hackers using thousands of networked, malware-infected devices. The hackers used a list of email addresses and passwords they acquired from other sites and proceeded to bombard our sites with those email+password combinations. When they found a match, where someone used a common password on our marketplace as well as whatever other site(s) the hackers had compromised, the hackers then accessed that account and looted the account’s balance to their own PayPal account.
We attempted other countermeasures first, but on October 31, we had to take a more comprehensive approach and reset every publisher, author, and affiliate account’s password. This action should ensure that the hackers stop getting any email+password matches from their database that might allow them to access more accounts.
If you are a publisher, creator, or affiliate partner, you will need to initiate a password reset the next time you visit our site so that you can create a new password.
We cannot recommend strongly enough the use of password managers to help you use unique, safe and secure passwords for every site you visit.
So to be safe, change your password.
To be clear — to my knowledge they haven’t been hacked. Nothing has been compromised. But somebody is attempting to do so, and they’re taking precautions.
They’ve also deactivated PayPal payouts temporarily while they work to secure things.
Hopefully it will all sort itself out soon! Announcement below.
On October 31, 2019, we reset the passwords for all customer accounts associated with publisher earnings, author/licensor royalties, or affiliate marketing earnings on our marketplaces: DriveThruRPG, DMs Guild, Wargame Vault, Storytellers Vault, Ulisses Ebooks, etc.
Our sites have been under attack from Russian hackers using thousands of networked, malware-infected devices. The hackers used a list of email addresses and passwords they acquired from other sites and proceeded to bombard our sites with those email+password combinations. When they found a match, where someone used a common password on our marketplace as well as whatever other site(s) the hackers had compromised, the hackers then accessed that account and looted the account’s balance to their own PayPal account.
We attempted other countermeasures first, but on October 31, we had to take a more comprehensive approach and reset every publisher, author, and affiliate account’s password. This action should ensure that the hackers stop getting any email+password matches from their database that might allow them to access more accounts.
If you are a publisher, creator, or affiliate partner, you will need to initiate a password reset the next time you visit our site so that you can create a new password.
- Go to DriveThruRPG, DMs Guild, or any of our sites and click Log In.
- On the Log-In prompt, select the “Forgot Password?” link to initiate a reset of your password.
- Follow the instructions to reset your password. Please make sure your new password is something unique to your OneBookShelf account, and make sure the password contains a long variety of characters.
We cannot recommend strongly enough the use of password managers to help you use unique, safe and secure passwords for every site you visit.
