freenode Security Update: Reused Password Attack

In the very early hours of today (Friday 29 June 2018), we became aware of unauthorised attempts to access a substantial number of freenode accounts. This appears to be the result of an attacker using lists of usernames and passwords from other online services that have previously been compromised, and trying these combinations on freenode accounts.

Our investigations commenced immediately and we found that the attacker had been able to log in to a number of freenode accounts.

freenode has not been hacked or compromised.

Affected information

For the affected accounts, usernames (nicknames) and passwords are affected. Additionally, for some accounts, other information including channel access and channel lists may be affected.

What we are doing

We are committed to protecting your data and, as a precaution, we have frozen the affected accounts and are in the process of sending individual notifications to affected users.

What you can do

If your account was affected, we are in the process of contacting you directly with information to reset your password and restore access to your account.

We encourage all users to practice good password hygiene, even if your account has not been affected at this time.

Attacks such as these have a tendency to escalate and cause a domino effect and we will continue to investigate and monitor for new attack vectors.

Password reuse means that once one account is compromised, all of the accounts that share that password become compromised.