FanPost

BaseballProspectus.com hacked

I just got an email from Baseball Prospectus asking me to change my password. Then I received another email explaining the situation. I have included the content of that email below. It is important to change your password on Baseball Prospectus, especially if you have ever purchased anything from that site.

On April 28, 2012, we disconnected the Baseball Prospectus email server from the Internet because it was behaving erratically. On May 6, 2012, we discovered that there had been an unauthorized intrusion into that server, which we believe lasted less than 24 hours. At the time, it did not appear that any subscriber information had been compromised. We immediately put in place strict measures to prevent any further compromise to member information via our other servers.

Earlier this week, a Premium Account member alerted us to the unauthorized publication of Baseball Prospectus username/password information on a hacking website. Thus far, our investigation shows that only a small number of Baseball Prospectus accounts have been compromised, and even with a username/password combination, accessing a member’s account would not provide access to any address or payment information. We have no evidence that there has been unauthorized access to a member’s account as a result of this breach.

We apologize for this and can assure you that we will continue to monitor this situation until full resolution is accomplished. Our senior staff is working closely with appropriate law enforcement agencies and Internet security experts, and we have been assured that our computer systems have been re-secured.

As a security precaution, we will immediately require that you reset your password for access to the Baseball Prospectus site. We will do this by sending a password reset email to every subscriber's email address, with instructions on the steps to take. This will ensure that your Baseball Prospectus account is under your exclusive control. If you have any issues or problems, please email us at support@baseballprospectus.com (if possible, including your username, real name, and email address as it appears in our records) and we will assist you.

We ask that you reset your account with a new password rather than your previous password to ensure as much security for your account as possible.

If you're one of those people who uses the same password for multiple sites, please consider changing your password for any account you have that used the same password as your BP Premium account. I know it’s a horrible pain, as I did it myself, and I apologize again for the intrusion on your time and effort. To reiterate, while it appears that only a small fraction of our accounts were published to the hacker site, and many of those had incorrect passwords, it’s possible that your BP username and password are available to bad people out there.

Once again, your protection has always been important to me and all BP staff, and I want you to feel secure in your online experience at Baseball Prospectus. Please feel free to email us at support@baseballprospectus.com with any questions, comments, or thoughts.

Thank you for your business, and your time.

Dave Baseball Prospectus
X
Log In Sign Up

forgot?
Log In Sign Up

Forgot password?

We'll email you a reset link.

If you signed up using a 3rd party account like Facebook or Twitter, please login with it instead.

Forgot password?

Try another email?

Almost done,

Join Fake Teams

You must be a member of Fake Teams to participate.

We have our own Community Guidelines at Fake Teams. You should read them.

Join Fake Teams

You must be a member of Fake Teams to participate.

We have our own Community Guidelines at Fake Teams. You should read them.

Spinner

Authenticating

Great!

Choose an available username to complete sign up.

In order to provide our users with a better overall experience, we ask for more information from Facebook when using it to login so that we can learn more about our audience and provide you with the best possible experience. We do not store specific user data and the sharing of it is not required to login with Facebook.

tracking_pixel_9351_tracker