1878 films and counting...

Security Report - Blog


Attacks are just a part of the modern Internet.

If you have a website, whether or not it even has a domain, you will come under attack almost as soon as the server becomes accessible.

For the most part, these attacks are defeated without any effort at all.

For some, you need a more considered approach.

Current State of Attacks

Since the server coming up in June, we've faced:

What You Need to Know

Part of SIXTEENmm's commitment to privacy means that we can't protect you in every case.

If you lose your password somewhere else, such as from a data breach, you can run into a problem.

We aren't tracking the IP addresses you commonly log in from.

If a new login comes out of the blue from a new location - we won't notice it.

That isn't to say there is no protection here. We have a current and frequently updated ban list against many IPs throughout the world. Most account-distributors that exist will fail to connect with us at all, and won't be able to log in to confirm the stolen account, before they pass it on to their customers.

This means you need to be proactive.

We already recommend you don't re-use your password, and make use of a password manager.

But, if the same password you use for SIXTEENmm is breached, then you need to change it as soon as possible.

Firefox and Chrome have integrated a service provided by HIBP to notify you when a particular email has been breached.

Make use of these services to find out when an email address has turned up, and change your password if it has.

It doesn't matter how complex or unguessable a password is if it has appeared in a data breach.

What if SIXTEENmm does get breached?

We lay out what we collect and how we protect it in our Security Policy.

But, if we were to be breached, then what a hacker would have access to is:

In short, if a hacker breached us they wouldn't have any information that would be "sellable" or worth anything.

Continue reading...