The file dump that resulted in Nexus Mods suspecting someone had unauthorised access to their files, appears to be old.
Over the weekend, it came to light that the database for Nexus Mods, a popular modding community and mod hosting service, may have been breached. This resulted in files for some Fallout 4 mods being replaced with other potentially harmful ones.
In an update published earlier, admin Dark0ne said the file dump is older than July 22, 2013. Further, this dump doesn’t contain any passwords, only usernames and email addresses.
“From this we can conclude a further two things. Firstly, that it’s relatively safe to assume that whoever made this dump no longer has access to our database,” he wrote.
“Why? Because if they did, they’d have released a much more up-to-date dump of our member database. It would make sense they no longer have any access, considering we’ve patched up a lot of holes, applied countless security updates and switched to a far more secure database cluster system since July of 2013.”
Dar0one recommended users who have not changed their passwords since July 2013, or those who use the same password on multiple sites, to change it, just to be sure.
On the matter of compromised accounts of some mod authors, the moderator confirmed that they were a result of the very simple passwords these authors had used.
For more, including what the site administration will do in the future to avoid such incidents, read the rest of the update.