Hello, we’ve recently setup a Discourse forum with SSO.
Now one of our users claims to be a hacker and I believe it’s actually legit.
He has given me screenshots of the user database which matches exactly with the Discourse database.
So he has emails from all our users and ip addresses.
The reason it must be from Discourse is because our own database stores different IP addresses and doesn’t have flag_level.
I’d like to get in contact with a developer or someone experienced so that the security issues can be resolved.
It really shouldn’t be possible for anyone to hack into the forum to access private data from all users.
The image on the right is the one the hacker sent us and the one on the left is from the data explorer on our site. (we just installed that to find out of it came from the forum it wasn’t installed before)
I blurred most of it but as you can see the stuff that isn’t blurred matches with the forum.
– screenshot removed (no longer relevant) –
It’s either the forum itself or SSO but there’s obviously a security breach and I really hope an expert can contact me so that it can be resolved.