Announcements & News
The latest announcements and Flight Rising news.
TOPIC | Update: State of the Site
[b]1-18-2014:[/b] Greetings Flight Rising Community: Since we have concluded maintenance we have noticed that some players have had their Flight Rising accounts compromised. We have been actively investigating this event. We thank you for all of your immediate and direct reports of these compromises; they greatly aided our investigation. This is the information we know at this time: [LIST] [*]Several players had their accounts compromised after we returned from maintenance. [*]At this time, we have no solid evidence of a data breach, but we now harbor a strong suspicion that in Flight Rising's first month online attacks may have been made against it that are causing the issues we are facing today. The users who were compromised were older users whose information may have been accessed prior to additional security measures that were added some time ago. We have[b] issued a global password reset [/b]to ensure absolute safety. [/LIST] What we are doing now: [LIST] [*]Although already encrypted, we are adding extra security to user passwords. [*][s]In order to do so we will have to put the site into read-only mode for approximately fifteen to thirty minutes, with the potential for it to last slightly longer.[/s] [*]When we take the site out of read-only mode, all log-in credentials will be reset and you will be unable to log into your account until you [url=http://flightrising.com/index.php?p=lostpass]change your password[/url]. To be as precautionary as possible, you will not be able to use a previous password. [*]To cover all bases: If you use the same password on other sites as you do for Flight Rising, we strongly recommend you change them. It is the best practice to use different passwords for each of your accounts. [*]This global reset is to protect users from the previous tech that was in place. Our investigation indicates that newer users should not be at risk. [*]Those who directly reported their accounts being compromised have been restored. If you have been affected and not reported it, please do so immediately via [url=http://flightrising.com/index.php?p=contact]Contact Us[/url]. [/LIST] We deeply regret this turn of events. When we launched Flight Rising we thought that we had taken enough security measures to protect the site from malicious attacks. We were wrong. We have since added and will continue to implement even more layers of security to further protect your account integrity. We are committed to Flight Rising and our community and to ensuring a great play experience. We are learning from this situation and from our mistakes. We sincerely apologize to you, our players; without you we would not have the amazing community full of vibrant creativity we have today. You make Flight Rising all that it is, thank you! ----------------------------------------------------- [b]1-16-2014:[/b] We wanted to thank everyone for their support and patience while we worked on securing [i]Flight Rising[/i] following the breach. From what we have gathered, an outside party seeking to damage the site gained access to an admin-level account. Over the past few days, we have been working closely with LightSky to run multiple tests and shore up any vulnerabilities that we could find. We apologize that this took as long as it did, but given that the safety and security of our users is paramount, we wanted to dedicate a proper amount of time to ensuring that situations like this do not occur going forward. As we mentioned in our previous message, we have no reason to believe that any user passwords were compromised, and because gem sales happen on Paypal's website, absolutely no financial information was compromised. We will always stress personal account security, and still recommend that users change their passwords often, and use unique and complex ones for all of their different accounts. The site is once again available for play, and we will be monitoring it heavily going forward. We ask that everyone remain very vigilant, and report [b]any[/b] suspicious activity to us immediately and privately via the [b][url=http://flightrising.com/index.php?p=contact]Contact Us[/url][/b] form. At the time of opening the site, everyone will likely notice the following changes: [LIST] [*]All dragons have been fed to full energy. [*]All players have had their clan energy bonus meter maxed out so that they may start accumulating bonuses immediately. [*]All players have received a food point increase of 200 for each food type. [*]All nests have had full incubation and will be ready to hatch immediately. [*]All players will have a special limited familiar, the [b]Golden Bantam Fangar[/b], waiting for them in their inventory. [/LIST] [center][item=golden bantam fangar] [img]http://flightrising.com/images/cms/familiar/art/2577.png[/img] [/center] Additionally, we wanted to provide an update on Akiri. He is doing much better, and is on the other side of his surgeries. He's been moved to a rehab facility where he will begin the process of physical therapy to strengthen the parts of his body that were injured. I had the pleasure of visiting him as a surprise and he was in great spirits, and looked better each day. We appreciate the constant stream of support and understanding in what has shaped up to be quite a bumpy start to 2014, and are looking forward with optimism and excitement. ------------------------------------------------------------------------ [b]1-13-2014:[/b] We have cause to believe an outside party gained access to a FR administrator's account. At this time, we have no reason to believe user passwords have been compromised, but this does not mean that it is not recommended to change your passwords often. In the event that you may have used the same password for both your FR account and your e-mail address, we recommend performing password reset on your FR e-mail account just as a personal precautionary measure. We are disappointed that someone would seek to attack the site in this manner, but will not rest until we have found a resolution for it. We will notify the community immediately when we discover any additional information. We are sorry for this situation, and want to assure you we will be taking every avenue we can to address it. [b]Updates[/b] [LIST] [*][b]21:44[/b]: Flight Rising will likely not be available tonight. We are in the twilight period of the security work, but have a few more things to wrap up before we can be ready to open. We will make an announcement if anything changes, but appreciate everyone's patience and commitment in the mean time. Thanks again, and have a wonderful night! [*][b]10:04[/b]: Good progress is being made. We are continuing to work throughout today with hopes of opening the site soon after everything is finished. [*][b]19:38[/b]: Flight Rising will be offline for the remainder of the night, and we will provide another update tomorrow morning as we continue. While this process is proving to be long and tough, we will continue until it is finished, as we want to get Flight Rising back into your hands as soon as humanly possible. Thank you for your support and patience! [*][b]09:28[/b]: The team is continuing to work today and will keep everyone posted on the progress. Thank you for your patience and support. [*][b]22:56[/b]: We wanted to provide another update. Although there is not much more information to report, we are continuing to focus entirely on getting the site in a secure state to reopen as soon as possible. We will provide another update tomorrow morning, and we hope everyone has a good night. [*][b]16:43[/b]: The team is still working hard on the issue, but we unfortunately do not have an ETA yet. Thank you for hanging in there while we tackle this important issue. [/LIST]
1-18-2014:
Greetings Flight Rising Community:

Since we have concluded maintenance we have noticed that some players have had their Flight Rising accounts compromised. We have been actively investigating this event. We thank you for all of your immediate and direct reports of these compromises; they greatly aided our investigation.

This is the information we know at this time:
  • Several players had their accounts compromised after we returned from maintenance.
  • At this time, we have no solid evidence of a data breach, but we now harbor a strong suspicion that in Flight Rising's first month online attacks may have been made against it that are causing the issues we are facing today. The users who were compromised were older users whose information may have been accessed prior to additional security measures that were added some time ago. We have issued a global password reset to ensure absolute safety.


What we are doing now:
  • Although already encrypted, we are adding extra security to user passwords.
  • In order to do so we will have to put the site into read-only mode for approximately fifteen to thirty minutes, with the potential for it to last slightly longer.
  • When we take the site out of read-only mode, all log-in credentials will be reset and you will be unable to log into your account until you change your password. To be as precautionary as possible, you will not be able to use a previous password.
  • To cover all bases: If you use the same password on other sites as you do for Flight Rising, we strongly recommend you change them. It is the best practice to use different passwords for each of your accounts.
  • This global reset is to protect users from the previous tech that was in place. Our investigation indicates that newer users should not be at risk.
  • Those who directly reported their accounts being compromised have been restored. If you have been affected and not reported it, please do so immediately via Contact Us.

We deeply regret this turn of events. When we launched Flight Rising we thought that we had taken enough security measures to protect the site from malicious attacks. We were wrong. We have since added and will continue to implement even more layers of security to further protect your account integrity.

We are committed to Flight Rising and our community and to ensuring a great play experience. We are learning from this situation and from our mistakes. We sincerely apologize to you, our players; without you we would not have the amazing community full of vibrant creativity we have today. You make Flight Rising all that it is, thank you!








1-16-2014:
We wanted to thank everyone for their support and patience while we worked on securing Flight Rising following the breach. From what we have gathered, an outside party seeking to damage the site gained access to an admin-level account. Over the past few days, we have been working closely with LightSky to run multiple tests and shore up any vulnerabilities that we could find. We apologize that this took as long as it did, but given that the safety and security of our users is paramount, we wanted to dedicate a proper amount of time to ensuring that situations like this do not occur going forward.

As we mentioned in our previous message, we have no reason to believe that any user passwords were compromised, and because gem sales happen on Paypal's website, absolutely no financial information was compromised. We will always stress personal account security, and still recommend that users change their passwords often, and use unique and complex ones for all of their different accounts.

The site is once again available for play, and we will be monitoring it heavily going forward. We ask that everyone remain very vigilant, and report any suspicious activity to us immediately and privately via the Contact Us form.

At the time of opening the site, everyone will likely notice the following changes:
  • All dragons have been fed to full energy.
  • All players have had their clan energy bonus meter maxed out so that they may start accumulating bonuses immediately.
  • All players have received a food point increase of 200 for each food type.
  • All nests have had full incubation and will be ready to hatch immediately.
  • All players will have a special limited familiar, the Golden Bantam Fangar, waiting for them in their inventory.


2577.png

Additionally, we wanted to provide an update on Akiri. He is doing much better, and is on the other side of his surgeries. He's been moved to a rehab facility where he will begin the process of physical therapy to strengthen the parts of his body that were injured. I had the pleasure of visiting him as a surprise and he was in great spirits, and looked better each day.

We appreciate the constant stream of support and understanding in what has shaped up to be quite a bumpy start to 2014, and are looking forward with optimism and excitement.




1-13-2014:
We have cause to believe an outside party gained access to a FR administrator's account. At this time, we have no reason to believe user passwords have been compromised, but this does not mean that it is not recommended to change your passwords often. In the event that you may have used the same password for both your FR account and your e-mail address, we recommend performing password reset on your FR e-mail account just as a personal precautionary measure.

We are disappointed that someone would seek to attack the site in this manner, but will not rest until we have found a resolution for it. We will notify the community immediately when we discover any additional information. We are sorry for this situation, and want to assure you we will be taking every avenue we can to address it.

Updates
  • 21:44: Flight Rising will likely not be available tonight. We are in the twilight period of the security work, but have a few more things to wrap up before we can be ready to open. We will make an announcement if anything changes, but appreciate everyone's patience and commitment in the mean time. Thanks again, and have a wonderful night!
  • 10:04: Good progress is being made. We are continuing to work throughout today with hopes of opening the site soon after everything is finished.
  • 19:38: Flight Rising will be offline for the remainder of the night, and we will provide another update tomorrow morning as we continue. While this process is proving to be long and tough, we will continue until it is finished, as we want to get Flight Rising back into your hands as soon as humanly possible. Thank you for your support and patience!
  • 09:28: The team is continuing to work today and will keep everyone posted on the progress. Thank you for your patience and support.
  • 22:56: We wanted to provide another update. Although there is not much more information to report, we are continuing to focus entirely on getting the site in a secure state to reopen as soon as possible. We will provide another update tomorrow morning, and we hope everyone has a good night.
  • 16:43: The team is still working hard on the issue, but we unfortunately do not have an ETA yet. Thank you for hanging in there while we tackle this important issue.
Flight Rising Developer
Project Management | Engineering Team Cheerleader | UI Designer