PokeBeach Hacked, Next Steps for the Site
PokeBeach was hacked on Monday. All files were deleted. We have been assessing the situation for the last 72 hours. I have barely slept.
No user data was stolen or compromised.
The hacking was a professional job conducted by an overseas team who wanted to hold the website hostage for monetary gain. The team gained access to the site through an exploit in a popular piece of software we use, which we updated a week prior. We can’t go into too many details because we are currently exploring our legal options.
The team first reverse-engineered our backup script to delete all of our offsite backups. This wasn’t noticed until it was too late. They also attempted to modify PokeBeach’s article program so that new subscribers would be referred to their Paypal account. This was instantly reported to Paypal, who worked with us to confirm no new accounts were affected.
As we locked them out of the web server, they issued a command to wipe it clean. We discovered they were in the process of downloading it so they could offer it back to us for payment. It’s also why they deleted our backups.
Later we received a message from an individual who suggested I should mail him my cards from this tweet if I want some of my files back. He disappeared after I ignored him.
The hackers never had access to our databases. No news stories, forum posts, or user accounts have been affected. However, the last few years of media files are gone. This includes news story images, forum attachments, and similar. We are currently trying to find local backups and use recovery software, but the outlook is grim. Our web host Linode even kindly pooled its team together to help with our recovery efforts.
I consider PokeBeach a monument to the Pokemon TCG. I have worked hard to preserve the last 18 years of my news stories so fans could look back at the game’s history. It really hurts to lose years of that to vandals who don’t care about our game or its community.
Right now we have launched a bare-bones version of the website so we can still post news stories (you’re on it!). Over the next few days we will attempt to bring the forums and article program back online. We ask for your understanding and patience during this stressful time.
Coincidentally, I have been working on a new layout for PokeBeach that was going to launch later this year. It’s not ready yet, but it’s also not worth rebuilding the old website (and its forum integration) when a new website is on the horizon. So it seems we will have to operate in “lite” mode for a little while.
We believe the hackers were drawn to PokeBeach because of the increased popularity of the Pokemon TCG. PokeBeach has been getting more visitors this year than at any point in the last 18 years. The hackers probably thought the site would be worth exploiting.
Tonight we will still be covering the release of S7 Sky Stream & Towering Perfection. So stay tuned to PokeBeach — we aren’t going anywhere!
(Also feel free to follow @pokebeach on Twitter and Facebook for the latest updates. There’s also no better time to join our Discord server if you haven’t already.)