MangaDex Gets Hacked

All Your Password Are Belong to Us

Otaku Voice Staff | @otakuvoice

Mar 17, 2021

Notice some trouble with MangaDex recently? Apparently an old version of the site apparently has gotten into the hands of a less than friendly actor in the digital space. According to one of the developers Plykiya on the forums, a data breach has left users of the site vulnerable. An older version of the site and database is believed to be uncovered from a roughly four month old server image.

If you are concerned about the breach the main points boil down to as follows –

Hashed passwords in the database are unlikely to be vulnerable, but users should update regardless.
The MangaDex team has made efforts to prevent the bad actor from accessing your account through a saved session exploit.
Your email address, last known IP Address, follows, comments, and DMs are exposed.
Personal RSS keys for manga follows are reset. You will need a new key to continue.

At the moment the site is continuing to have server issues. A likely fallout from everyone being required to hit the database in order to log back into the site.

Remember folks, use a unique password or a password manager for your logins. A breach like this is inevitable on a site that is frequently attacked by Direct Denial of Service attacks.

[Source]
[MangaDex Forum Post]