Diane98 sent me a spurious PM too. Message was sent at 6:01 AM on 25 Feb 2021.
BudgetLightForum had already deleted it so I was not traumatized. LOL.
By the way, I donāt know if this is still true, but a long time when I tried to register my usual email with BLF it would not except one with the ā.netā extension. After a couple of years I caved and finally registered using my gmail account.
Thanks for the administrators efforts with the forum!
I agree there doesnāt appear to be any security risk. I see no reason to think anything was compromised.
This type of attack is (er, was) almost trivial to do. The siteās infrastructure was designed to make it easy to automate things without any special permissions. Thatās fixed though, and it sounds like sb is looking into more long-term solutions.
As for the weird behavior when clicking one of the deleted messages, thatās an old issue which was unrelated to the spam. It only showed people their own messages. A little weird, but not a risk to security or privacy.
No, that bit isnāt correct TK. I can see everyoneās messages who replied to me too every message ever that is lol - hundreds of them, or did you mean that? sorry, unsure
Just to be transparent, I removed the previous two threads that started discussing this issue before this official one. Itās not an attempt to hide anything, but rather there was a lot of speculation and wrong information in those threads regarding what had happened. Thanks very much to everyone here for their patience and understanding.
Right, all messages that were ever sent to you were getting dumped onto the screen when visiting an email notification link to a PM that no longer exists. So itās not a privacy leak because they were the same messages that you had sent and received, just all in one big threadless glob.