# Weird email with title of "Important information about your VerticalScope account"



## GracelynHorseLover (May 6, 2016)

GracelynHorseLover said:


> A few minutes ago I just received an email from legal [email protected] and in part of the email it says
> 
> "You are receiving this email because you are a registered user of the following community website(s) involved in the data breach:
> www.horseforum.com".
> ...


Notice of Data Breach

You may have heard reports recently about a security issue involving VerticalScope. We would like to make sure you have the facts about what happened, what information was involved, and the steps we are taking to help protect you. VerticalScope owns and operates a number of community websites. You are receiving this email because you are a registered user of the following community website(s) involved in the data breach:
www.horseforum.com

What Happened?

On June 13, 2016, we became aware that February 2016 data stolen from VerticalScope was being made available online.

What Information Was Involved?

Community member usernames, email addresses, hashed passwords, community userIDS, community website, and the IP address the username originally registered with.

What We Are Doing

We have invalidated passwords of all VerticalScope user accounts. We have posted a site security notification on each site updating users on the potential risk to certain accounts, the password reset and steps we are implementing to improve security. We have implemented stronger password rules (passwords now require a minimum of 10+ characters and a mixture of upper- and lower-case letters, numbers and symbols) along with automated account password expiries to encourage more frequent password changes. We will remind our users to use good password practices (not using the same password for multiple online accounts and using unique strong passwords). We are in the process of implementing additional safeguards to detect, alert and mitigate any future brute force attempts, and have notified our third party vendors that interact with our various forum API's of the February breach to allow their own security teams to investigate. We are continuing our investigation and will be collecting information to provide to the appropriate law enforcement authorities.

VerticalScope is taking steps to strengthen account security. We were already using encrypted passwords and salted hashes to store passwords, and our new password controls are intended to further strengthen user security. We are taking steps to investigate and test new encryption and security technologies to further protect our users.

What You Can Do

To keep your account as safe as possible, we recommend that you regularly change your VerticalScope community password, and that you use a unique password for each of your online accounts. Using the same password for multiple online accounts significantly increases your chances of being compromised. Even though the passwords stolen in February were hashed, we recommend that if you were using (or are currently using) your VerticalScope community password across multiple online accounts, that you change your password for such other online accounts. We encourage you to regularly review your accounts and report any suspicious or unrecognized activity immediately.

For More Information

If you have any questions, please feel free to contact our Community Management team by email at [email protected] or on the website that you frequent. A support thread has been created on each website, and our support teams are on there to help you through the process and answer any questions you may have. A Notice of Data Breach is also available on community websites involved in the data breach.


----------



## greentree (Feb 27, 2013)

Yes, i got it, too! CYA.....


----------



## tinyliny (Oct 31, 2009)

I got it too.


----------



## elle1959 (Sep 7, 2015)

Did anyone flag the admins so they can respond to this? I'm going to go ahead and report the OP so that we can hear from them.


----------



## JCnGrace (Apr 28, 2013)

I got it, just figured it was part of the reason they were making us get new passwords.


----------



## jaydee (May 10, 2012)

I did report this to the Techie team because we'd had several reports for members
I haven't had a reply from them yet but now that I've read the email as copied on this thread it does just look to be the same thing that was posted on the Forum explaining why the password reset requirement happened
It doesn't have any links in it but just to be safe until we do hear something from HQ I would suggest to not open it if you haven't already done that and not use that email address it gives you to report problems/queries but do that directly from the forum site


----------



## QHDragon (Mar 6, 2009)

Haven't gotten it yet, but I noticed that there has been an security notice with a clickable link at the top of this page for a few days now. Also, wasn't this why we had to update our passwords a while back? Scary to know that my information could be floating around in cyberspace somewhere. Thankfully I don't think this site stores any super sensitive information that could lead to more than just annoying spam in our inboxes, unless I am mistaken.


----------



## jaydee (May 10, 2012)

The site only has the info that you give it - your email address, password, DOB, gender and the things that you share here with other members on the open forum. Most members have a user name and real names aren't asked for when you join
The most important thing is to not use the same password here that you use anywhere else especially if its linked to the same email address
If your email address contains your real name you could change that to match your user name by opening a free email account with someone like Gmail or yahoo etc


----------

