GOMTV.net compromised - Page 23

On August 13 2011 13:00 Stanlot wrote:
Has anyone at GOM made a statement about this yet?

On August 13 2011 03:14 R1CH wrote:
There's a post on reddit that suggests that GOMTV has been compromised. I have independently verified that at least some usernames, passwords and email addresses have been compromised.

There appears to be zero security on the passwords as they were stored in plain text (really GOM?). This means if you use your GomTV password anywhere else, you should change it and consider it compromised. To clarify, your GomTV.net username, email address, PayPal real name and your GomTV.net password are likely compromised. Personal information such as your address may be compromised too if it was stored. You should also change your GomTV password to prevent unauthorized account access, although the exploit through which the information was compromised may still exist.

Since payments are processed through PayPal, there is no risk of your financial information being compromised, unless you used your PayPal password when signing up for GomTV (don't do this). Users who logged in via SNS should be safe as Twitter / Facebook authentication is token based, not password based.

If you aren't already, you should really use unique passwords for each website since this happens more often than you think (ever hear someone say they were "hacked"? this is likely how it happens) and not all websites will disclose if they get compromised. Use http://keepass.info/ for password management.

On August 13 2011 13:14 Zzoram wrote:


Oh come on. GOM has been producing excellent content. Just because their IT department sucks doesn't mean you should hate on GOM.

Sony had the exact same problem and they're worth orders of magnitude more than GOM as a company.

On August 13 2011 13:14 Zzoram wrote:


Oh come on. GOM has been producing excellent content. Just because their IT department sucks doesn't mean you should hate on GOM.

Sony had the exact same problem and they're worth orders of magnitude more than GOM as a company.

On August 13 2011 13:23 jnkw wrote:


Sony didn't store passwords in plaintext.

You have no idea how bad this from a security standpoint.

On August 13 2011 13:24 NoobSkills wrote:


Sony did store their passwords in plain text.
Why would you post an outright lie... unless they retracted their first public statement.

Edit: They did retract what they said, though admitted to using a very crackable hash format. Either way Sony has much more money than GSL and still messed up. Also how hard is it to change your password?