Cybersecurity

8480 readers

149 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

Chess.com confirms data breach (www.neowin.net)

submitted 1 month ago by nemeski@mander.xyz to c/cybersecurity@sh.itjust.works

9 comments fedilink hide all child comments

top 9 comments

sorted by: hot top controversial new old

[–] TheBat@lemmy.world 19 points 1 month ago

Should've tried castling smh

[–] DarkCloud@lemmy.world 16 points 1 month ago

I guess it's their move now.

[–] r_ffer23@sh.itjust.works 11 points 1 month ago

Can't believe even Chess isn't safe from breaches these days.

[–] dohpaz42@lemmy.world 10 points 1 month ago (1 children)

It’s so nice that they contacted their customers immediately to let them know.

~As I learned of this here today through this news article, and NOT chess.com.~

[–] Screen_Shatter@lemmy.world 5 points 1 month ago

Article says they've notified the 4500 people who were effected. If that's the case it would indicate you were not effected.

[–] WagnasT@lemmy.world 5 points 1 month ago

I don't think you can take a king with a king. War is for the poors.

[+] Sxan@piefed.zip -6 points 1 month ago (2 children)

Oh noes. Everyone will fine out I'm @mystrious_undefeated_chess_grandmaster 😯

But, seriously: I have no idea how serious þis breach is, but it seems like a pretty low-impact one. Do þey have a side-business as a crypto-wallet hub?

[–] Broadfern@lemmy.world 11 points 1 month ago

Emails + passwords that are often reused is the key more so than doxxing people.

[–] solrize@lemmy.ml 2 points 1 month ago* (last edited 1 month ago)

Article says no financial info disclosed, though there are other ways it's potentially serious, besides PII like email addresses leaking. Every World Championship there are incidents or rumors about someone's opening prep getting leaked. I think something like that happened last year involving Lichess. Two anonymous players had a bunch of games against each other, no big deal, except the players turned out to be a WC contender and his trainer playing practice games. That is very valuable info to opponents.

Also, there are a lot of cheating reports and investigations on chess.com. If the evidence against someone is credible but inconclusive, it is kept confidential for obvious reasons. That is also potentially breachable. In the past, if the person was conclusively caught cheating, they'd get sanctioned or banned quietly (IDK if it's still done that way since the practice became contentious). That too could cause trouble if revealed (look up Hans Niemann cheating scandal). One could take the view that those old incidents are like the Epstein files and should really be released, but at the time the practice was to not do so. I won't weigh in on this here.

I guess there is also potentially private video there, like of people's bedrooms, since if you play in a big $$$ event there, you're required to keep multiple cameras running, again as an anti-cheat measure. But this is a bit strained.

Anyway, breaches are bad.