• The NationStates server was subjected to a data breach. TNP Forums do NOT interact with the NS servers and remain secure. If you use the same password between the two sites, it is recommended you change your password.

RMB'in 2: Electric Boogaloo

UPDATE ON NS OUTAGE

Detailed Data Breach Notice​

Posted: 2:15am 30 Jan 2026 UTC

Overview​

At about 10pm UTC on January 27, 2026, we received a report from a player who had discovered a critical bug in our application code. While testing this bug, the player gained access to our main production server and begun copying application code and user data to his personal system.

This player has a history of contributing about a dozen bug & vulnerability reports to NationStates since 2021, particularly over the last six months. He is not a member of staff and was never granted permission for server entry or any privileged access. His nation has been previously credited with a Bug Hunter badge, which is an initiative that rewards players for reporting bugs & site vulnerabilites for us to fix.

In his report, the player apologized for exceeding authorized testing boundaries, and claimed he deleted all copied data when he realized what he'd taken. We have no way of confirming this. We consider both the system and the data compromised as the result of an attack.

What Was Exposed​

Data that was accessed contains:
  • email addresses: including email addresses associated with the account in the past
  • passwords: stored as MD5 hashes, which is an old protocol that is obsolete by modern standards, and inadequate to prevent decryption in an event like this, where an attacker could have an offline copy of the data
  • IP addresses used to log in
  • browser UserAgent strings used to log in
NationStates doesn't collect real names, addresses, phone numbers, or credit card information.

When the site is online, you can use the following page to see the exact data we store for your nation: https://www.nationstates.net/page=private_info

The player did not gain entry to the server holding telegrams data, but did exploit access to it, and made an attempt to copy a portion of its data. We consider it likely that some contents were exposed.

The Bug​

The vulnerability came from a new feature, Dispatch Search, which was implemented on Sep 2, 2025. The player was able to gain remote command execution (RCE) through a combination of a failure to sanitize user-supplied parameters with a double-parsing bug.

What We're Doing Right Now​

  • Reporting Obligations: We are making users and relevant government authorities aware of the breach.
  • Server Rebuild: Since the production server must be considered compromised, we are completely rebuilding on new hardware.
  • Software Audit: We are inspecting our code for any similar vulnerabilities.
  • Hardening Systems: We are rewriting template parsing code to ensure that any similar bugs can't lead to the same outcome in the future.
  • Upgrading Password Security: We are immediately implementing a project that had been awaiting approval to replace the password hashing algorithm with a stronger modern protocol.
  • Developing Reopening Plan: We're figuring out how & when we can reopen.

What Will Happen Next​

For nations with registered email addresses, you will be able to reset your password once the site reopens. We are still investigating the correct way to manage access to other nations.
 
Ethnon Weather Check:

Friday 30 Jan - Tuesday 3 Feb​

Headline:​

Brightening up for a time, more rain later.

Today:​

Flood alerts in force for Wales

A damp start with hill fog and patchy rain and drizzle. Brightening up from the south with occasional sunny intervals. Further rain pushing northwards later. Feeling much milder, especially in any sunshine, but freshening easterly winds again later. Maximum temperature 9 °C.

Tonight:​

Bands of rain spreading north across Wales this evening merging into longer spells of rain overnight. Occasional clear spells in northern and western areas. Windy at times. Remaining largely frost-free. Minimum temperature 3 °C.

Saturday:​

Cloudy for many with spells of rain through the morning, though tending to become drier with just a few showers by the afternoon. Brightest in the west. Winds gradually easing. Maximum temperature 8 °C.

Outlook for Sunday to Tuesday:​

Drier on Sunday with low cloud and fog lingering for some, although most seeing the sunshine break through. Increasingly unsettled early next week with wet and windy weather at times.
 
LATEST NEWS ON TNPV 66

Eh-EX8f-O.png



Event
Date*
Submissions:18th to 25th January [1800 GMT] CLOSED
Semi Finals Voting:27th January to 3rd February [subject to change]
Final Voting:4th to February 11th [subject to change]
Grand Final:February 13th [subject to change]
*Please note these dates are subject to change.

If you have access here or discord you can still vote now if you wish.

The SF's have been posted on the TNPV discord and with links here https://forum.thenorthpacific.org/topic/9199431/post-10760439

You can send me a DM with your votes via discord or private conversation on this forum.
 
Last edited:
The North Pacific Ocean has only 4.5/5 stars on Google Maps, WHO IS RESPONSIBLE FOR THE DOWNVOTES?!?!

The person responsible:
a808jeq850sb1.jpg
 
You must log in or register to reply here.
Back
Top