Looks like the @devkitPro accounts DB (with hashed passwords) just got dumped on Pastebin (https://pastebin.com/0A775EZt caught by @haveibeenpwned). If you haven't changed any reused passwords yet, better get on that now.
-
We had *already* emailed everyone affected by the breach, and even made a public announcement (https://devkitpro.org/viewtopic.php?f=13&t=8846 …). There was no need to spread this any further.
Additional reminders are always a good idea. There is no harm in "spreading this further" because it has already been widely distributed; seeing the paste is more likely to provide benefit by getting people to change their passwords *now*.
-
-
Spreading the password dump is going to result in increasing the chances of people's email addresses being noticed and passwords being bruteforced. Please delete the original tweet in this thread.
-
Anyone who wants to crack the passwords and own people already has the dump. Pretending they don't is security theatre. There is more benefit to be had by causing alarm and urging people to change their passwords *now*.
- Show replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.