You are viewing this forum as a guest. Login to an existing account, or create a new account, to reply to topics and to create new topics.
In the last days I found out, that from the table core_users users have been deleted - the complete table row - not by the users themselve, but through an internal script or by an outside attack.
There had been new users with chaotic information in the users table, which we had never before.
Today there was a new user in the table with chaotic information and at the same time more than 200 users had been deleted.
The last days I thought it must be something internal. But now I suspect it's an outside attack.
How to proceed? If you need more information, please let me know.
It seems, there are also further tables affected like ecom_cat, but I don't have an overview yet.
Offline
Using System / Component / Settings / Cron Settings, check to see how long unused customer accounts are stored. My guess is that old accounts are being purged based on that setting (which you can turn off). Note: This is not a thing in K9.
Offline
It was set to 1 year and I changed it to 2 years now. But many of the deleted accounts have been not older than half a year. Nothing has been lost - I had a backup.
Offline