Attention All Members:
Either a human, or more
likely a computer program, infiltrated this site (and the other VR sites
plus TopVetteSites.com and CorvetteClothing.com) tonight around
6:30pm ET, 7/14/2009 using a method called "SQL Injection"
It was done very cleverly, unfortunately, which allowed the attack to work.
What
this attack did was update almost every record in every table in the
database to include a piece of code that caused a virus to be
downloaded to the computer of anyone browsing the site.
If you came to any of the above listed sites after the attack occurred,
if you had good virus protection installed and running at the time
(like I do) you were likely alerted to the issue and not affected by
it. However
if you were unprotected your computer may be infected and
you should immediately run a virus scanner on your system. If you
don't have one, I can recommend "avast!" They have a FREE version for
home use. You can download it here:
http://avast.com/eng/download-avast-home.htmlUnfortunately, the attack was so severe that
I had to restore the database from a backup that was made at 2am ET this morning, 7/14/2009.
That means that anything anyone has done on any of the sites since then
is gone. If you posted any messages or made any changes to anything on
the site since that time, it is gone and you'll have to repost messages
and redo those changes.
As for going forward, I have made
changes to the site code and the database security settings that should
prevent this type of attack from occurring again. On the bright side,
the last time we had a problem with the database and I had to restore a
previous version, the version was much older than 16 hours! After that
incident I put a process in place to backup the database daily at 2am
ET so the most we'd lose is 24 hours of updates.
Please accept my apologies for any inconvenience this may have cause you and know that I regret not being better protected.
Also, please note that your private information was NOT compromised. This was an attack to UPDATE the database, not READ it.
Thank you for your continued support.