Dafont has been hacked

This morning I got a notification from haveibeenpwned.com that my credentials at dafont.com have been exposed due to a data breach. Zdnet has the story. If you have a dafont account, please change your password, and if you use that password on other sites too... don't do that.

Comments

  • Adam JagoszAdam Jagosz Posts: 69
    "Page in maintenance. Modifications to your profile are disabled at the moment for security reasons."
    "We are currently working to fix some vulnerabilities. Meanwhile, modifications to your profile are disabled to limit malicious access to user accounts.
    Everything should be back in a few days, and then you'll be asked to change your password. We apologize for any inconvenience. "
  • Adam JagoszAdam Jagosz Posts: 69
    The message above still shows up. Is that for real? :open_mouth: How many days can be counted as "a few"? I guess resolving this is going to take them as long as reviewing font updates. That is to say, forever.
  • Simon CozensSimon Cozens Posts: 222
    If you have a security compromise on a site whose main business is digital downloads, the whole darn thing is suspect. You either look through and reconstruct every single zip file, or you burn it down and start again.

    That's if you take security seriously, of course. If you don't understand security, just keep the site running but don't allow affected users to change their compromised passwords...
  • James PuckettJames Puckett Posts: 1,421
    Whoever owns DaFont might have decided to shutter it. Web ads don’t make the money they used to. And DaFont has no doubt lost visitors to Google Web fonts, as well as sites that blatant offer free downloads of retail type.
Sign In or Register to comment.