I'm sure everyone is aware of the account hacking that is taking place on the site at the moment— but how are accounts being hacked in the first place? And what can you do to help keep yourself from being a victim yourself, whether it's to having your account broken into or winding up in C$ debt? Here is a brief guide on what you can do in order to keep yourself safe from hackers.
So, how are accounts being 'hacked' in the first place?
While nobody really knows for sure how each individual account is broken into, the most likely reason is that the hacked account's data was compromised. When a data breach happens online, meaning a website's sensitive information is stolen, it's possible for your information to become accessible to the public. This includes emails, passwords, billing addresses, full names, and other types of sensitive information. Since Chicken Smoothie is a forum-based site that primarily uses email addresses as a form of login, it is possible for hackers to break into your account if your information has been leaked.
What can I do to keep my accounts safe? How can I find out if my information is out there?
You can check if your information has been compromised by going to the Have I Been Pwned? website. It will not only tell you whether or not your account has been compromised, but also what data breaches or leaks have caused your information to become public. Certain password managers and other services may also alert you when your data has been found within a breach. Keep in mind that there was no breach for Chicken Smoothie itself, so all compromised information is being acquired from other websites.
If you make a search and find out that your data has been compromised, don't panic! There are ways you can protect yourself, and previous breach information will not update itself when data is changed. Change your password frequently, and make sure that your password is not easily guessable. Use special characters, capital letters, numbers, and avoid using common phrases as well. Make sure all of your passwords are unique for every account you use. Most email services also allow 2FA, which can help keep both your email and all accounts registered under it safe. Regardless of whether or not your information is public, these steps should all be taken.
Ok, I did all of that, now how can I protect myself from C$ debt and fake giveaways?
The simple answer is just to avoid quitting threads altogether. Although not every single one of them is bound to be fake, this is the best way that you can keep yourself from having any reversed trades in the future. The more difficult option is to avoid trading anyone, or at the very least be wary with who you send a trade to and what you offer for. Your trade may still be reversed even if it is not directly from a hacked user.
Other resources and ways you can help
There are countless other threads out there that are either advocating for Chicken Smoothie to increase its security or educating users on what to do when you a trade is reversed. Here are some other good topics to check out:
Forum/viewtopic.php?f=119&t=4797428
Forum/viewtopic.php?f=119&t=4876199
Forum/viewtopic.php?f=119&t=4876526
Forum/viewtopic.php?t=4876701&f=125
Forum/viewtopic.php?f=119&t=4876624
Forum/viewtopic.php?t=4876975
Forum/viewtopic.php?t=4876886
Update June 4th, 2023:
It has been confirmed by Nick that data breaches are main cause of recent account break-ins:
Nick wrote:I'm working on several security improvements right now, and I've deployed some already, there will be a news post soon with the announcement.
In the meantime, all it takes to keep your account secure is to have a unique good password for your CS account that you don't also use on other websites. The issues have been due to leaked passwords from sites like NeoPets being re-used here.
Link to the thread this response is posted on: Forum/viewtopic.php?f=119&t=4876990&p=142299781#p142299781
Update June 17th, 2023:
Quickly adding one of my previous announcements onto the front page in order to make it accessible to more people:
It is also important to note that accounts are not being compromised through Chicken Smoothie itself and that there was never a Chicken Smoothie data breach. All information is being gathered from other websites, including but not limited to: Neopets, Animal Jam, Twitter, Facebook, Wattpad, Webkinz and other websites that have been breached in the past.
Please help prevent the spread of misinformation and bump this thread if you can.