Cyber attack on the trust (4 Viewers)

D

Deleted member 5849

Guest
This is a bonkers statement.
 

shmmeee

Well-Known Member
Anyone work in data protection / GDPR? There’s consequences to this sort of thing aren’t there.

If there was a breach they have to report it and tell people their data was compromised yes.

As long as they’ve taken reasonable precautions for data protection (user access levels, passwords, etc. Nothing fancy for an org of their size) then they’ve done nothing wrong.
 

shmmeee

Well-Known Member
Also LOL at “if they have the knowledge to do this”. You guys know what script kiddies are I assume? You don’t need to be Kevin Mitnik to try and hack someone FFS.

Love the derision here compared to Nicks regular accusations that there’s bots everywhere. ;) Maybe everyone on all sides should calm down on the paranoid conspiracy theories.

Sounds like they’ve connected to a dodgy WiFi network while in London and got themselves onto someone’s hit list maybe. Hard to tell without more info.
 

Nick

Administrator
Also LOL at “if they have the knowledge to do this”. You guys know what script kiddies are I assume? You don’t need to be Kevin Mitnik to try and hack someone FFS.

Love the derision here compared to Nicks regular accusations that there’s bots everywhere. ;) Maybe everyone on all sides should calm down on the paranoid conspiracy theories.

Sounds like they’ve connected to a dodgy WiFi network while in London and got themselves onto someone’s hit list maybe. Hard to tell without more info.

Ha, apart from I actually have a clue what I'm talking about...

I'd be interested to know the knowledge the Trust have to get exact locations of IP addresses and what it was based on that it the attack originated in "Kensington". Also why they thought a security alert should be reported to the the police.

Don't embarrass yourself like they have.
 

Briles

Well-Known Member
Ha, apart from I actually have a clue what I'm talking about...

I'd be interested to know the knowledge the Trust have to get exact locations of IP addresses and what it was based on that it the attack originated in "Kensington". Also why they thought a security alert should be reported to the the police.

Don't embarrass yourself like they have.
Can you tell me my current location.......
 

RoboCCFC90

Well-Known Member
You don't think that was the intention do you?

The email address in the article doesn't exist either, theskybluetrust.co.uk hasn't been registered.

I wouldn't be surprised if it was.
 

shmmeee

Well-Known Member
Ha, apart from I actually have a clue what I'm talking about...

I'd be interested to know the knowledge the Trust have to get exact locations of IP addresses and what it was based on that it the attack originated in "Kensington". Also why they thought a security alert should be reported to the the police.

Don't embarrass yourself like they have.

Must have missed your thread on all the fake accounts we have and how you identified them. Sorry mate.
 

Nick

Administrator
Must have missed your thread on all the fake accounts we have and how you identified them. Sorry mate.

You mean like when I sent you a PM a while back because I knew you were logging into a different account to which you said it was by mistake? ;) (For the record, I think it was a mistake from using somebody else's computer rather than a full on dual personality).

I've pointed out about the guy on Twitter multiple times recently, must be a conspiracy though? ;) After all they have denied he is involved, since then he's been on a coach to London with them and added as a board member.

Not sure why you get so desperate about it, it's a bit weird.
 
Last edited:

mark82

Super Moderator
Must have missed your thread on all the fake accounts we have and how you identified them. Sorry mate.

We get alerts based on shared IPs that highlight duplicate accounts. We do occasionally get bots posting spam posts too but the ones that do somehow make it through get deleted pretty promptly (we hardly see any now to be fair but have in the past).
 

mark82

Super Moderator
Can you tell me my current location.......

On the old forum we used to get a map under the moderator tools that gave a location of where people were posting from. I can tell you it was wildly inaccurate.

Just as a quick example of how inaccurate IP location can be, a lookup of my IP gives this information....
  • Your Public IPv4 is: 86.187.175.77
  • Your IPv6 is: Not Detected
  • Your Local IP is: 10.113.104.22
  • Location: Southampton, ENG GB
Once I come off WiFi it tells me I'm in Hatfield. I'm currently sat in a hotel at Gatwick.
 

CV22SBA

Well-Known Member
On the old forum we used to get a map under the moderator tools that gave a location of where people were posting from. I can tell you it was wildly inaccurate.

Just as a quick example of how inaccurate IP location can be, a lookup of my IP gives this information....
  • Your Public IPv4 is: 86.187.175.77
  • Your IPv6 is: Not Detected
  • Your Local IP is: 10.113.104.22
  • Location: Southampton, ENG GB
Once I come off WiFi it tells me I'm in Hatfield. I'm currently sat in a hotel at Gatwick.
This was kind of my point earlier. You are using a hotel network and the head office/server will be in Southampton not Gatwick. That’s where you are logging into so that’s where the location of your ip address will be. It’s not inaccurate.
 

Nick

Administrator
Strange, a Trust board member is now trying to deny they are implying it was related to SISU. A few hours ago he was trying to push the implication...

As keeps being pointed out, why do they let such dickheads have access to their social media? You have people like Moz do a heartfelt interview which fans can relate to and then somebody gets access to social media and ruins it all.
 
  • Like
Reactions: vow

duffer

Well-Known Member
As I understand it, if there was a breach (or the possibility of a breach) that compromised personal data, then by law the Trust would need to investigate, document, and depending on the circumstances, notify the ICO.

I think the claim here is that there wasn't a breach exposing personal data, but some kind of attack to pull down the website and email service.

However, attempting to breach the email service, would to my mind potentially expose a considerable amount of personal data; for example email addresses and contact details of trust members and others, that might well have been passed around between officers of the trust for entirely legitimate reasons. That's the sort of thing the ICO would expect to be notified of.

Truthfully, I'm afraid I doubt the competence of the trust to manage this kind of thing properly, nothing that I've seen so far gives me any confidence in them. And that's just at the technical level.

Like many others, I don't want the trust pretending to speak for me, they don't. They can keep the quid though!
 

mark82

Super Moderator
This was kind of my point earlier. You are using a hotel network and the head office/server will be in Southampton not Gatwick. That’s where you are logging into so that’s where the location of your ip address will be. It’s not inaccurate.

Exactly. It's based on the local ISP hub.
 

chiefdave

Well-Known Member
Strange, a Trust board member is now trying to deny they are implying it was related to SISU.
How stupid do they think people are? There is no reason to mention a location whatsoever when announcing something like this but we're expected to believe that the trust innocently published that it was from Kensington, the exact same place they visited last week to protest SISU.

I notice nobody from the trust has responded to any queries regarding the address they went to last week and if they just went to the registered address or if they actually know where SISU's offices are. Clive Eakin must have gone along for CWR as he mentioned on Saturday there was absolutely nothing to indicate it was SISU's place of work.
 

Nick

Administrator
How stupid do they think people are? There is no reason to mention a location whatsoever when announcing something like this but we're expected to believe that the trust innocently published that it was from Kensington, the exact same place they visited last week to protest SISU.

Think that's one of the issues, they don't seem to realise that people aren't stupid. They are either a bit slow or they genuinely aren't that bothered that people can see how obvious it is.

It just undoes the good stuff Moz did last week for example, have pointed this out for years that it's the issue when there are people involved who will throw "grenades" and let Moz / CJ take the flack for it.
 

Warwickhunt

Well-Known Member
Should someone report it to IOC! after all they have members data on the dbase?:angelic:
 

oldskyblue58

CCFC Finance Director
I notice nobody from the trust has responded to any queries regarding the address they went to last week and if they just went to the registered address or if they actually know where SISU's offices are. Clive Eakin must have gone along for CWR as he mentioned on Saturday there was absolutely nothing to indicate it was SISU's place of work.

Well I assume they went to 96 High St Kensington London W8 4SG

Which is listed at Companies House as the Registered Office of the Company SISU CAPITAL LIMITED PARTNERSHIP - Overview (free company information from Companies House)

and

On the Financial Conduct Authority as the principal place of business Financial Conduct Authority
 
Last edited:

oldskyblue58

CCFC Finance Director
I dont think there was any need to indicate a location in the statement. It doesn't follow that the location of the IP is the physical location of hacker

However the Trust would still have a duty of care to its members to indicate that the site had come under attack and reassure that no breach had occurred.

If no breach has happened then my understanding is that it is not necessary to report to the ICO, but that doesn't mean they should not. Hacking or attempting to hack a site is as i understand it a criminal offence and the ICO advice is to report it to the police
 
Last edited:

olderskyblue

Well-Known Member
Just checked mine. Got nothing setup to hide my location, not connected to a head office or any other remote system. Shows as Clapham and I'm sat in an office in Solihull.

So, on this basis, the trust clearly didn't blame SISU, as they too would know the place shown on the ISP does not necessarily represent where the hacker was. You've just exonerated them chief, well done ;)
 

Users who are viewing this thread

Top