I’ve received a handful of emails this week from people saying that their email addresses used only in the Form Tools forums have been used in phishing attacks against them. This is extremely worrisome. Naturally we don’t pass along any information about our users to anyone, so I’m fairly sure this is the result of a hack.
I’m exceedingly sorry if you receive any spam from signing up on our forums.
This website (but not Form Tools itself, note!) has been the recipient of a handful of hacks over the years, always caused by buggy software – forums and WordPress. Sadly, there just doesn’t seem to be any stable forum software out there – they all get hacked eventually.
For the moment, to be safe I’m going to take the forums offline. I know this is a nuisance for many people, but I’d rather be safe than sorry. I’m going to look into what I can do over the next few days. Frankly, I haven’t decided how to proceed.
All of this brings into sharp focus that my attention to the website really is paramount.
*sigh*. Nothing like returning to work on an old script.
EDIT: here’s what’s happening. The forum will be back online by the end of the weekend (Jun 15th), with whatever additional safeguards I can put in place. Rather than just patch formtools.org, I’m starting afresh with a new design, new everything. Once it’s ready I’ll be setting it up on a new hosting provider as well. The forums are invaluable. They’re such a great resource for developers I think the project would be much poorer without them. I’ll just have to be more diligent in keeping them up to date and spam-free.
EDIT: July 6th. Well, the forums have been completely saturated with spam this evening, and it’s possible they’ve been hacked as well. I’m afraid I’m taking them offline until further notice.