This is a message for all users of the site.

As you may have seen for the last number of months we have had a site notification on the homepage, while we reviewed a number of issues. This email is to share information about a security compromise, and explain what we have done to address it.

Firstly, we detected in September of last year that the site had been caught spamming by our webhost (heanet). Using an obsolete theme, a bad actor had gotten access to the fileserver and was able to spin up around 40 different files in different locations, and a rather aggressive anti-deletion. Having spent a number of weeks investigating the problem, we can announce that it looks like no personal information was compromised, and this affected the site, not our users. The malware that was installed was hijacking via a out of date plugin a lot of backlinks for pharmacies.

As a result of this, we have implemented a number of changes.

Firstly, all users that were a legacy of our time as a forum have been deleted to be on the safe side. The only users left are active admins of the site. Also, we have had to remove the option to submit news via a registered account, instead you’ll need to email us.

We have done a full folder by folder check of the site to clean it up, multiple malware scans, and the cleaned version of the site was ported to brand new hosting, which had a full set of password setups, plus additional security measures to further lock down the server.

We have installed SSL on the site to secure everything going forward, although there was little by way of information that would be a concern on the site to begin with.

The new site has been launched, last week, and we are currently getting it reindexed with search engines which should resolve the issue that Google search results says the site has been hacked.

We would like to thank those of you in our community who flagged the issues, Aphra and Jamie for working through the security upgrades, and Jason in Maynooth University as well as the team in HEANet for assisting us through this time.

Just to reiterate, there didn’t seem to be a compromise to the user database from our investigation into the logs, and while it was a pain to fix, we’re fairly confident to say that no personally identifiable information was compromised.

The admin team