sell/giveaway this site

[pandaa]

people are scared. a “we’re working at fixing this” is the least they could do. in my opinion at least.

[Sixx O'Clock]

If you were active on these threads (which is where information was disseminated by post or when they were locked, so those who were concerned received it) it probably seems like this was a world-ending issue, but, in fact, the vast majority of users were not affected or aware. As I said, it was not CS's security that was compromised. Making a global announcement about a relatively small number of accounts being compromised with insecure passwords does not make sense if there is no real information to share about changes that will affect everyone yet.

But if what was already said is true, security improvements were already being made, so why couldn't there have been a "some users may have noticed some trade reversals/security issues, and we'd like to let everyone know that security changes are coming and more info will be shared when possible." sort of announcement? Keep it vague to protect privacy/security, but just let people who are aware of the situation know, and those who weren't aware will also know to update their passwords and such and keep an eye on the announcements for said security updates.

[illumié]

If you were active on these threads (which is where information was disseminated by post or when they were locked, so those who were concerned received it) it probably seems like this was a world-ending issue, but, in fact, the vast majority of users were not affected or aware. As I said, it was not CS's security that was compromised. Making a global announcement about a relatively small number of accounts being compromised with insecure passwords does not make sense if there is no real information to share about changes that will affect everyone yet.

It doesn't seem fair for you to claim to know what percentage of the playerbase is aware or not? Silence doesnt equal unawareness. And your playerbase exaggerating taking a minor problem in your eyes that you were working on previously into a world-ending issue seems like as good a time as any to make a gentle statement of reassurance.

[NA0K0]

If you were active on these threads (which is where information was disseminated by post or when they were locked, so those who were concerned received it) it probably seems like this was a world-ending issue, but, in fact, the vast majority of users were not affected or aware. As I said, it was not CS's security that was compromised. Making a global announcement about a relatively small number of accounts being compromised with insecure passwords does not make sense if there is no real information to share about changes that will affect everyone yet.

But if what was already said is true, security improvements were already being made, so why couldn't there have been a "some users may have noticed some trade reversals/security issues, and we'd like to let everyone know that security changes are coming and more info will be shared when possible." sort of announcement? Keep it vague to protect privacy/security, but just let people who are aware of the situation know, and those who weren't aware will also know to update their passwords and such and keep an eye on the announcements for said security updates.

I agree! The thing is we didnt know that really too so overall an announcement wouldve been nice. Especially with how this all blew up.

[GhastlyWail]

I have mixed feelings about this... Like lets say they DID hand it off to someone else? What if the whole site goes down the same way Club Penguin or other childhood games did in favour of the new company in charge just wanting money? I want this site to live on I really do but if these security issues don't get resolved then the site will simply just fade away. I don't want the site to be sold or auctioned off + plus I feel like we shouldn't have a say in the matter... But if we at least get maybe another code or maybe some sign that issues will be talked about openly. I know hiring more staff costs more money and adding/changing code can take hours but it would benefit everyone in the end. I just wish the staff were more transparent. That's all. This is in no way an attack on them.

[lyney]

a small percentage of users still affects much of the playerbase, contrary to what may be believed. we are a tight knit communtiy that word is bound to spread like wildfire, so for everything to be kept on the down low ended up even more fuel being added to the fire. it is to the point that more users seem to be quitting than usual (myself included), and to not make an announcement about all of this could be a likely cause for even more issues. i know some users who wouldn't have known to secure their passwords had we as the playerbase not made a fuss about it, because nothing was being said.

sure, ~15 breached accounts is a small fraction of the many active users, but it has still brought about so much. us as the playerbase were scared of what was happening when the trade reversals began because we didn't know what was going on, and now we're here. it's to the point that every quitting user has to add "i am not hacked and this is by my own decision" under their thread because everyone is distrusting of them. even innocent users are being put under fire when quitting because it's "suspicious". i even made a safety thread because i felt like something needed to be said, because the guidance we needed was.. lacking?? everyone was freaked out and nothing was done to solve this other than silencing us and sweeping us under some fancy little rug.

this isn't a direct criticism to anybody, but i just feel like this should be referenced for the future. communication will be key in events like this. )): a global, server-wise announcement would've helped instead of locking threads or holding back information.

[pandaa]

a small percentage of users still affects much of the playerbase, contrary to what may be believed. we are a tight knit communtiy that word is bound to spread like wildfire, so for everything to be kept on the down low ended up even more fuel being added to the fire. it is to the point that more users seem to be quitting than usual (myself included), and to not make an announcement about all of this could be a likely cause for even more issues. i know some users who wouldn't have known to secure their passwords had we as the playerbase not made a fuss about it, because nothing was being said.

sure, ~15 breached accounts is a small fraction of the many active users, but it has still brought about so much. us as the playerbase were scared of what was happening when the trade reversals began because we didn't know what was going on, and now we're here. it's to the point that every quitting user has to add "i am not hacked and this is by my own decision" under their thread because everyone is distrusting of them. even innocent users are being put under fire when quitting because it's "suspicious". i even made a safety thread because i felt like something needed to be said, because the guidance we needed was.. lacking?? everyone was freaked out and nothing was done to solve this other than silencing us and sweeping us under some fancy little rug.

this isn't a direct criticism to anybody, but i just feel like this should be referenced for the future. communication will be key in events like this. )): a global, server-wise announcement would've helped instead of locking threads.

boosting this!!!!! ^ exactly my thoughts

[asta,]

If you were active on these threads (which is where information was disseminated by post or when they were locked, so those who were concerned received it) it probably seems like this was a world-ending issue, but, in fact, the vast majority of users were not affected or aware. As I said, it was not CS's security that was compromised. Making a global announcement about a relatively small number of accounts being compromised with insecure passwords does not make sense if there is no real information to share about changes that will affect everyone yet.

> this i don't agree with in the slightest. a "small number" of compromised accounts
that resulted in- what- hundreds of reversed trades? people being put into debt?? i
don't think you're being fair to the users that were effected, either. they're still a
part of the community. your response seems entirely indifferent to the problems.

[boston]

If you were active on these threads (which is where information was disseminated by post or when they were locked, so those who were concerned received it) it probably seems like this was a world-ending issue, but, in fact, the vast majority of users were not affected or aware. As I said, it was not CS's security that was compromised. Making a global announcement about a relatively small number of accounts being compromised with insecure passwords does not make sense if there is no real information to share about changes that will affect everyone yet.

just because it was only a handful of users doesn't make it any less important in my opinion. nonetheless, we are all glad to hear there will be updates coming and hopefully, all of the issues will be resolved.
thank you cs staff for addressing this.

[Lacuna]

I want to clarify that this will be the last post I make on this thread because I have other responsibilities to attend to. I will admit that I feel frustrated in trying to convey information and having people then twist and look for holes in it because they think that I am trying to cover something up or be dishonest when I truly want the best for the users and CS.

I truly believe that a sitewide announcement would have done more harm than good based on the facts of the situation. Many people have distorted those facts in this thread even after statements from both Nick and myself to the contrary also in this thread, which is why some people think it is so serious that CS's security was compromised. That only shows that a sitewide announcement would have incited more panic and incorrect info if it was vague. Big changes cannot happen instantaneously, and I do believe that the sincere requests for specific security changes were helpful to understand what people are interested in, but not everything is possible or the most helpful solution so they may not be implemented.

Please be patient for the detailed announcement that will be available as soon as possible.