Recently Added Videos
Adam Director of Technology
2 days ago
TLDR; RoosterTeeth community accounts, passwords, and email addresses were NOT leaked.
So last week we announced we had a bit of a security event.
When we made that post, we had wiped passwords for accounts, but we were still combing through logs, we only knew that someone had gained access to our database who shouldn't have had access, and wanted to take immediate precautionary action.
I wanted to take a moment before Thanksgiving gets all started, and talk about the aftermath; what was found, what is being done to prevent things like this in the future, and exactly what the situation is. I'm not going to go into the full nitty gritty, but I want to discuss and answer a few really common concerns floating around the community before stuffing my face with turkey.
The security flaw that was exploited had to do with a legacy system still running on our old code infrastructure. Once the attack vector was discovered, I made the decision to kill off our legacy servers and code. It's old, insecure (encryption instead of hashes, etc), and not to modern code standards. This does mean that some things like the AH Uploader (AHUploads.com) are offline until we can write proper, modern software to replace it. Our web team is getting those things ironed out ASAP.
After a few days of research and verifying system, traffic, and query logs, we were able to verify that the RoosterTeeth community accounts, passwords, and email addresses were NOT leaked. The viewed data consisted of exclusively RT Staff accounts. Still not great, but the community accounts are safe.
To speak to account security in general, because there's a lot of assumptions that got thrown around in the last week, some of which were wrong, and many of which deserve a direct answer:
First; We are using HTTPS for authentication. All login routes are required to go over SSL, and we expanded it this morning to make sure the entire login page (not just the form) goes over SSL as well.
Second; No passwords have ever been plain-text in our database. The old code used encryption, and the new site uses per-user-unique salt hashing. Now that the old code is depreciated, we exclusively use per-user-salt with a modern hashing mechanism for our passwords.
Third; Payment information is not stored on Rooster Teeth servers. Things like Credit Cards, Addresses, etc., are all stored on PCI compliant third-party partner servers. We recognize that this is highly sensitive information and want to keep it secure in the best way possible.
And lastly; This is more of a general rule, not one related to RT technology, but a general recommendation. Please use unique passwords for every site you visit. This isn't an excuse for us to be insecure, but in the current age, unfortunately this kind of events happen. Databases get compromised, from the small guy to the huge multi-billion dollar company. If you can't remember a unique password for every site you frequent (like me), use a password vault like 1Password, LastPass, KeyPass, or Dashlane. Most of them are free, allow mobile access, and make password security online so, SO much better. This is also relevant.
Love and Kisses;
P.S. I'm going to bourbon smoke a turkey in a few hours and I'm really damn excited about it.
6 days ago
The Vytal Festival Tournament is the ultimate battle of skill, pitting the world's most powerful Huntsmen and Huntresses in training against one another... and it's finally here! Ruby, Weiss, Blake, and Yang are back for a season of over-the-top action, and they're not alone. New fighters from around Remnant are ready to bring glory to their kingdom, but there are those among them with a far more sinister goal in mind…
1 week ago
Tyler Coe thought he had everything he wanted in life: a home, a husband and a successful career. Now newly divorced from Aaron Marquis and facing a turning point, he finds that he is confused about what is important to him. Daring to step out of his comfort zone, Tyler embarks on a quest of self-discovery that takes him to Italy, India and Bali. This episode was originally recorded on November 19, 2015.
1 week ago
Our site has recently experienced a security breach. Based on what we know, your username, password and email address may have been viewed; no other information has been accessed and we don’t store any personal information (including credit card information). As a safety precaution, we are force-resetting everyone's passwords. Please make sure, when resetting your password, that you select a different password, and if you were using the same username/email address/password combination on another site, change your password there, too.
We apologize for any inconvenience this may cause you. We will let you know immediately if we learn of any more information regarding this breach. Your safety and security on our site is our top priority, so we hope you understand.
When logging in, click "forgot password" and it will ask you for your email address associated with your username. You'll get an email to this address with instructions to reset your password.
If you forgot what email you used on the site, please email your Username to "accountrecovery[at]roosterteeth[dot]com". (Please only do this AFTER trying all your emails, and if you're completely stuck)
For users who used Facebook to sign up:
You don't have a password associated with your account, so nothing changes for you.
1 week ago
Watch the Behind the Scenes of Immersion - Five Nights at Freddy's. Would being trapped inside a tiny room, watching lovable characters roaming dimly lit hallways actually be scary? Watch to find out how many nights Michael and Gavin can survive.
1 week ago
First off, congrats to our two-weeks-worth of buff buddy winners who will be getting cool prizes from the Rooster Teeth store and Onnit. And to clarify -- if you're called out as one of our Buff Buddies of the Week, you're getting swag.
(we'll be contacting you guys shortly)
Zach, Meg and I will be chronicling separate fitness journals on here so it doesn't just become one giant mess of a journal every week. Find the three of us below (here's my week 1 and 2 summary and workouts, for starters: http://roosterteeth.com/post/51186571)
Thanks for all your support, and big kudos to everyone getting sweaty with us!
1 week ago
It's Free Play! In today's episode Meg and Ryan continue to plan future stunts while on air. Plus, it's wet cats vs. squeaky children on today's Internet Show and Tell. Finally, Meg and Ryan attempt to salvage what they can from their recent shoot on-location at the Renaissance Fair.
If you are a sponsor, the recovered Renaissance Fair segment can be seen here: http://roosterteeth.com/episode/free-play-season-1...