Sections
Info March 2025 Data Breach Types of Problems Problem Ratings Problem Collections Time Trial mode Stars, Comments, and Flags Creating Problems Problem Creation Lifecycle Problem Construction Basics Problem Construction Best Practices Solution Signatures Problem Suggestions API access

March 2025 Data Breach

Around March 1st 2025 we discovered that an unauthorized individual had gained access to an old copy of the goproblems.com database. We are very sorry this happened and immensely regret this lapse in security. 

If you created your account after June 2023, you are not affected.

Here is what we know:

  • The data was from a backup of the database on approximately June 13 2023, taken from a development server that was not properly secured
  • Compromised data includes usernames, emails, IP address, and encrypted passwords (hashed and uniquely salted) (with a small exception, see the section below on plaintext passwords)
  • No credit card information is contained in the database
  • As of now, there's no evidence the leaked information has been publicly shared, but future disclosure cannot be ruled out.

We are taking the following steps:

  • Notifying all affected users
  • The particular security leak that caused the problem has long been closed, but we have new strict policies against using backup data to prevent this in the future
  • Future development to reduce to an absolute minimum the personal info collected and stored

We recommend that you:

  1. Log in and change your password: https://goproblems.com/settings/password
  2. If your password was reused elsewhere, update it on those sites as well.

If you have any questions please email me directly at adum+goproblems@adum.com or join the goproblems Discord to contact us there. If you just want your account deleted, email adum+goproblems@adum.com directly.

Plaintext passwords

For several years goproblems stored passwords along with problems in case users wanted to update problems they had added to the site – a poor security practice (it wasn’t necessary to have a user account to add and edit problems at the time.) We stopped this in 2009, but the data unfortunately remained in the database. It has been removed from the database since, but the removal was after the copy of the data was made that led to this leak. Therefore, for people who added problems to the site before 2009, their plaintext password may be included in the leak. 

adum
2025-03-07
1252