Bug causes inadvertent security notification emails

News updates about the Prohashing pool
Forum rules
The News forum is only for updates about the Prohashing pool.

Replies to posts in this forum should be related to the news being announced. If you need support on another issue, please post in the forum related to that topic or seek one of the official support options listed in the top right corner of the forums page or on prohashing.com/about.

For the full list of PROHASHING forums rules, please visit https://prohashing.com/help/prohashing- ... rms-forums.
User avatar
Steve Sokolowski
Posts: 4585
Joined: Wed Aug 27, 2014 3:27 pm
Location: State College, PA

Re: Bug causes inadvertent security notification emails

Post by Steve Sokolowski » Sun Jun 10, 2018 7:44 am

qosmio wrote:1st this happened to my was in april 2018, I had not 2fa enabled and got back into my account after 3 days and I lost one payout because the address was changed, I fixed all back and enabled 2fa, yesterday 8jun18 it happened again and I could not get back into my account since 2fa did not send me the code to login. so I have to move my miners to another pool since I cannot use my account anymore and not want to mine and someone else get my payout. Can you fix my account so I can use it again? account: qosmio
Did you see what I posted in the chat yesterday? This site doesn't send two-factor authentication codes, over SMS or through any other method. To view a two-factor authentication code, you need to open the Authy app.

Is it possible that you are confusing this site with another one?
User avatar
Steve Sokolowski
Posts: 4585
Joined: Wed Aug 27, 2014 3:27 pm
Location: State College, PA

Re: Bug causes inadvertent security notification emails

Post by Steve Sokolowski » Sun Jun 10, 2018 7:49 am

bachel wrote:
Steve Sokolowski wrote:
bachel wrote:
So the 20 others in the chat this morning with the same problem all got fished ?
fished?

If you mean "phished," as in someone stealing information, then the answer is no. There were no systemwide hacks.
So why did so many payout addresses get changed ?

Miracle Hack or Devs who develop on a live system without testing anything before hand ?
Again, there was no "hack." No payout addresses were changed by anyone else than by the owners of the accounts. As the description indicates, the scope of the issue is solely limited to a delay in notifications.

Testing was performed just like it is with all other changes and no known bugs were present at release time. I don't believe there has ever been a release issued where a bug was discovered in something that underwent testing.

Bugs occur upon release because it is impossible to foresee all the things that need to be tested. In this case, nobody considered that an invalid E-Mail address would be entered. Unfortunately, there is no logic or procedure that can be applied to come up with ideas of how the system might be used once deployed.
Locked