Security and MFL? (1 Viewer)

[THE UNDERCOVER BROTHA]

Well, i said i wouldnt post this but others must know about this as i know most of us on here use MyFantasyLeagues as our host FF site.

Well i had an opening in one of my leagues i commish this offseason and as usual, i always look to good ole FBG for my owners. I like playing with the good owners.

I have my onwers voted in by there resume the send me. And then we decide which owner we like. Well a guy on here name Bob Lockery was the guy we voted in.

He came in trading (alot) and did some wierd drafting with his picks to the team....that was all good, he spent his money and he could do with the team as he wished. Well he became a big problem maker in the league to the point most of the owners had to email me about kicking him out. He had issues with the league voting to open waivers which normally i wont lie we implement rules a year later but everyone but him wanted waivers now and i saw no need to push waivers a year off when the league even voted to open them now. He complained when guys drafted rookies that wasnt in the system with fill in guys...Just complaining to cause a ruckus cause from what the other guys tell me he had a hard time trying to get some deals he thought were fair for his team.

Anyway we had to kick him out as he became more of a problem in the league, he even started a poll for us to vote him out. Well, with him trading off so many top players he left the team in a horrible state, i could NOT even get back but half for the team, those in the league said dont give him nothing as he deserved to be ousted for all the stuff he started and complained and went so forth to start personally attacking guys with personal threats, he overstepped his bounds by saying what he would do to some of the onwer wifes and makes mentions of other organizations of other owners that have nothing to do with FF at all.

Ok...so you problem thinking BIG DEAL...so what.....yeah i pretty much ignore the psyco.

But he then begin HACKING into MFL once he was kicked out. He finds away back in through some backdoor as he tells us. He can log into anyones team or commish and change whatever he wishes at that point. This is why i am posting this issue here, Ive been playing on MFL since 2003, I have been commishing since 2005, i put alot of time and effort into my leagues over the year to know that MFL is selling us a unsecured host site. This guy probably wont bother any of your leagues but he has been to alot of the main FF sites that alot of the staff on fbg as well as long time fbg'ers play in. I wont mention those leagues but take note...if you are spending your money for MFL there product cant be manipulated at any time if they dont secure it.

Ive emailed them over and over on the issue and they dont seem to even respond but one time. Ive posted on there support forums only for the HACKER to go over there and tell me they gave me some good advice but he still can get in. Dude just doesnt have a life. And who would think a retired naval helicopter pilot would carry on like this.

 

[datonn]

I've known about some issues with MFL in a few of my leagues too. The biggest problem I've seen is MFL giving me a choice of owners to login as...then automatically entering THEIR password, even though I didn't know it and had never saved said password on my computer. Logged into one of my HyperActive leagues as the Commish one time (accidentally), then thought "dang...if someone had an ax to grind with this league, they could really do a LOT of damage if they were allowed to do the same thing."

Long story short, if it's bits and bytes, it can be compromised. Anyone who is promoting something as 100% hack-proof is either naive or hasn't had someone with a big enough ax to grind coming after them yet. Best thing you can do is alert MFL to the problem (as you have), then change league access settings to as strict and limiting as you possibly can. Follow that up with every owner changing their password and maybe even giving them all new logins as well. Like I said though, if the guy knows what he is doing and he's been royally pissed off, he'll find a way in regardless.

 

[THE UNDERCOVER BROTHA]

Yeah we changed everything in the 2 leagues i commish but he still gets in, I also have the acess not accessible to guest to in those leagues.

Like you say though, in the end, there probably isnt nothing can be done in the end. I will have to get Ryan prepared for this as well as he has hacked into both HA leagues im in.

 

[THE UNDERCOVER BROTHA]

Find the internet security division contact # of the FBI and then contact MFL, explain the issue and give them the info.You may need MFL to give you a new "league site" and start clean.Good luck with your league.

Thx Choke, thats what im thinking too....maybe they will give me a new site he doesnt know about, but really i have no confidence in knowing he wont find that site either...He sit around all day looking up all the guys leagues and outside info on them. But thats the least MFL could do.

 

[DevilDog919]

I am in said league, and am also worried about the security of MFL. By logging onto this one league, the hacker also has access to all of our other MFL teams as well. I myself have 15 leagues that this hacker can and has broken into.

The guy is a major nutcase and MFL shouldn't make it so easy for people like him to hack into. I can see him getting one or two passwords MAYBE, but getting all of our passwords?!?

Not to mention, as a prior military member myself I voted this nutcase in. Ashamed that someone like him spent a CAREER and RETIRED from the Navy, and somehow was a top ranking officer! Bottom line, MFL needs to step up the security or at least answer some emails or I'll probably be changing the leagues that I commish to a new site.

 

[datonn]

Well, there's ALWAYS something that can be done.

Simple cost/benefit analysis. If the costs of compromising your site(s) outweigh the benefits of doing so, it'll stop. Offense is a FANTASTIC defense...if you catch my drift.

 

[Pictus Cat]

Cyber stalker destroying your property is he?

Across state lines. I thought there was a law against that.

Maybe he's lonely or bored. Ask him what he wants to stop. Honey is the best first option.

 

[Manster]

I am in said league, and am also worried about the security of MFL. By logging onto this one league, the hacker also has access to all of our other MFL teams as well. I myself have 15 leagues that this hacker can and has broken into.

The guy is a major nutcase and MFL shouldn't make it so easy for people like him to hack into. I can see him getting one or two passwords MAYBE, but getting all of our passwords?!?

Not to mention, as a prior military member myself I voted this nutcase in. Ashamed that someone like him spent a CAREER and RETIRED from the Navy, and somehow was a top ranking officer! Bottom line, MFL needs to step up the security or at least answer some emails or I'll probably be changing the leagues that I commish to a new site.

you must have almost every fantasy viable guy in the NFL on at least one team.

 

[stp-d]

I am also in this league and am pretty shocked that MFL has not responded with a solution. If this guy makes his way through all 12 league members "Other Leagues" he could essentially advertise MFL's lack of security to the majority of footballguys.com members just through word of mouth.

This is a real threat that MFL should respond to, what good is their site if they can easily be manipulated.

 

[Holy Schneikes]

MFL should probably not take this lightly and they definitely should be responsive to you.

That said, just because one dude had success getting into their system doesn't necessarily mean it's "easily" compromised. As others have mentioned, nearly any site out there is "hackable" by the right guy with the right motivation. And a lot of times, once he's in, he's in.

 

[Knobs]

So...what's this weirdo's fbg alias?

 

[Phurfur]

I am in said league, and am also worried about the security of MFL. By logging onto this one league, the hacker also has access to all of our other MFL teams as well. I myself have 15 leagues that this hacker can and has broken into.

The guy is a major nutcase and MFL shouldn't make it so easy for people like him to hack into. I can see him getting one or two passwords MAYBE, but getting all of our passwords?!?

Not to mention, as a prior military member myself I voted this nutcase in. Ashamed that someone like him spent a CAREER and RETIRED from the Navy, and somehow was a top ranking officer! Bottom line, MFL needs to step up the security or at least answer some emails or I'll probably be changing the leagues that I commish to a new site.

I doubt this is true!This is one reason I do not play with anyone who isn't a friend of mine or a friend of someone I know.

 

[yellowdog]

So...what's this weirdo's fbg alias?

 

[fatness]

I've known about some issues with MFL in a few of my leagues too. The biggest problem I've seen is MFL giving me a choice of owners to login as...then automatically entering THEIR password, even though I didn't know it and had never saved said password on my computer.

If this can be done this is horrible.

 

[The Captain]

So...what's this weirdo's fbg alias?

In the league as well. Wish I knew.

 

[plastik]

I'm also in this league and find this to be of great concern. I'm also very disappointed that MFL has not reacted to fix the problem in a more timely matter. If this guy fans out to cause problems in all of the other leagues that our owners are in it could affect a great number of people. I'm in four MFL leagues, between us all who knows how many we account for? 50? 60? Depending on how motivated this guy is this could become a very large problem.

 

[george]

.

 

[lefteye]

Interesting, I had voted to move my league on sportsline to MFL, it's definitely off the table now.

 

[bonscott]

Ok, lets get a bit of reality here. MFL is no less insecure then CBS, Yahoo or any other site. It's rather easy to hack into accounts and servers if one has the time, ability and drive to do so. I can guarantee you if you move to CBS for example he'll probably hack you there too should he want to.

On the technical side there really isn't a whole lot MFL can do about it unless he's doing it server side (but even then...).

They can ban his IP address. But it's so easy to spoof an IP address today any 12 year old can do it. He can make it look like he's coming from South Africa or Iran if he wants.

One thing you can do to help your login be more secure is to not check the box to automatically log on, this will prevent the cookie from being stored locally after you log off.

I wish you good luck.

 

[scientist]

There are a lot of security holes in MFL. I emailed them a pretty detailed list of vulnerabilities, and they responded with a pretty generic response. I started worrying just by the overall feel of the site - very "cheap". Then the first time I entered an email address they partially masked it with Xs...great. I definitely wouldn't be able to figure out an email address shown as MIKEJOHN***@**TMAIL.COM. So, dabbling in web app security testing, I started poking around. I didn't break any terms of use or do anything intrusive, but was able to determine I don't trust them with any of my information.

Here is my suggestion for using MFL: don't store any personally identifiable information with them or on your league site. Use a backup email address, and make sure the passwords people use are not the same as their primary email/bank/etc. password. Treat it as if nothing stored there is safe.

 

[bonscott]

I've known about some issues with MFL in a few of my leagues too. The biggest problem I've seen is MFL giving me a choice of owners to login as...then automatically entering THEIR password, even though I didn't know it and had never saved said password on my computer. Logged into one of my HyperActive leagues as the Commish one time (accidentally), then thought "dang...if someone had an ax to grind with this league, they could really do a LOT of damage if they were allowed to do the same thing."

I think you're talking about a feature of MFL in which if you know the commish password you can log in as any owner with the commish password. That way you don't need to know their personal password in the instance you need to do something for that team.Thus if the commish password is "apple" then you can log in as any team with the password "apple". But you don't know each team's password.

So all someone will have to do is hack the commish password and thus they would have access to each team. However with the commish password you can see everything anyway.

 

[bonscott]

Here is my suggestion for using MFL: don't store any personally identifiable information with them or on your league site. Use a backup email address, and make sure the passwords people use are not the same as their primary email/bank/etc. password. Treat it as if nothing stored there is safe.

Why would anyone do this anyway? You're an idiot if you put your home address in your profile and I've seen it so many times. However, your profile is only visible to someone actually logged on to the web site. So if you got a hacker getting in then it won't matter. But I think you got bigger issues if this is happening anyway.

 

[Ministry of Pain]

Just out of curiosity, does anyone know if RT Sports is any better at this?

 

[BeTheMatch]

I've known about some issues with MFL in a few of my leagues too. The biggest problem I've seen is MFL giving me a choice of owners to login as...then automatically entering THEIR password, even though I didn't know it and had never saved said password on my computer.

If this can be done this is horrible.

I don't what you're talking about here. What do you mean automatically entering their password???? This does not and cannot happen as far as I know. I'd like some more details here.

 

[TheFanatic]

I've known about some issues with MFL in a few of my leagues too. The biggest problem I've seen is MFL giving me a choice of owners to login as...then automatically entering THEIR password, even though I didn't know it and had never saved said password on my computer. Logged into one of my HyperActive leagues as the Commish one time (accidentally), then thought "dang...if someone had an ax to grind with this league, they could really do a LOT of damage if they were allowed to do the same thing."

I think you're talking about a feature of MFL in which if you know the commish password you can log in as any owner with the commish password. That way you don't need to know their personal password in the instance you need to do something for that team.Thus if the commish password is "apple" then you can log in as any team with the password "apple". But you don't know each team's password.

So all someone will have to do is hack the commish password and thus they would have access to each team. However with the commish password you can see everything anyway.

This is what I think happened. The password was probably something like Touchdown or Interception. People are more careful with their bank password but think an MFL site is no big deal and go with something basic. They don't add capital letters, symbols or numbers. PArticularly if they have a couple of people with access to the commish role. Once he had that password he was good to go. I would go in, change the commish password, revoke all users, and resubmit them to each team so that they have to recreate theirs. I would think he just created himself an account once he got the commish password...

 

[Ministry of Pain]

Remember the good ole days when we had to use paper and pen on Monday mornings as we opened either the local sports section or USA Today...and NFL Primetime with Berman and Jackson on Sunday Nights actually meant something.

"Late games are over MOP, wanna head home?"

"More wings and beer please, Primetime is set to start and I wanna find as many stats as I can."

You would go to bed on Sunday Night not really knowing exactly where you stood. If the team you were playing was close to your score it was just brutal waiting for the paper the next morning.

Good times...

 

[BeTheMatch]

I've known about some issues with MFL in a few of my leagues too. The biggest problem I've seen is MFL giving me a choice of owners to login as...then automatically entering THEIR password, even though I didn't know it and had never saved said password on my computer. Logged into one of my HyperActive leagues as the Commish one time (accidentally), then thought "dang...if someone had an ax to grind with this league, they could really do a LOT of damage if they were allowed to do the same thing."

I think you're talking about a feature of MFL in which if you know the commish password you can log in as any owner with the commish password. That way you don't need to know their personal password in the instance you need to do something for that team.Thus if the commish password is "apple" then you can log in as any team with the password "apple". But you don't know each team's password.

So all someone will have to do is hack the commish password and thus they would have access to each team. However with the commish password you can see everything anyway.

Bonscott is right. This is how it works, and this makes far more sense.

 

[scientist]

Ok, lets get a bit of reality here. MFL is no less insecure then CBS, Yahoo or any other site. It's rather easy to hack into accounts and servers if one has the time, ability and drive to do so. I can guarantee you if you move to CBS for example he'll probably hack you there too should he want tn the technical side there really isn't a whole lot MFL can do about it unless he's doing it server side (but even then...). They can ban his IP address. But it's so easy to spoof an IP address today any 12 year old can do it. He can make it look like he's coming from South Africa or Iran if he wants.One thing you can do to help your login be more secure is to not check the box to automatically log on, this will prevent the cookie from being stored locally after you log off.I wish you good luck.

No one should consider a computer system to be "unhackable", but there can be magnitudes of difference in the security implementation of one site over another. "Hacking accounts" doesn't really count if you are talking about guessing passwords. Twitter was not insecure because Britney Spears had her password set to her kid's name, Twitter was insecure because one of their admins set their passwords to one of the most cliche easily guessable passwords. Also because they had not set up account lockout after X number of attempts or password complexity requirements. Your bank should most certainly not allow you to set a weak password or save your password locally.The probability of being able to pull off a high-impact attack on a mainstream website such as CBS is much less likely than a niche site such as MFL. For example, it's not hard to find a site run by a small business that has not prevented simple data-mining attacks such as methodically collecting all registered email addresses. I ran across an online car parts store that stored the order pad information of the previous user, credit card number and all. That sort of thing can be prevented. If all websites were "easily hackable" there would be no trust in e-commerce.

 

[B. Nugget]

I'm also in this league and not only am I shocked that anyone would take it this far, I'm very dissappointed in MFL for dropping the ball and basically putting the rest of our leagues in jeopardy by not acting in a timely manner and letting this escalate.

I've already received 2 password reminder emails today and I know another league member has had his password changed. That is unacceptable!!!

 

[bonscott]

I'm also in this league and not only am I shocked that anyone would take it this far, I'm very dissappointed in MFL for dropping the ball and basically putting the rest of our leagues in jeopardy by not acting in a timely manner and letting this escalate.I've already received 2 password reminder emails today and I know another league member has had his password changed. That is unacceptable!!!

But I guess the question is, what would you have MFL do? Email is insecure form of communication. Any email sent out on the internet is plain text and copied on every server it hits on the way back and forth and captured in log files. Only way around it is to encrypt the email with paired keys. This guy could have a tracer setup (probably on an unsecure ISP server) on the net to capture the emailed password reminder. Could be any number of things. Who knows. MFL can't really do anything about it.Look, I feel your pain and it sucks. It really does. But I'm not seeing a whole lot that MFL (or anyone) can do against such a determined person.

 

[TheFanatic]

Remember the good ole days when we had to use paper and pen on Monday mornings as we opened either the local sports section or USA Today...and NFL Primetime with Berman and Jackson on Sunday Nights actually meant something. "Late games are over MOP, wanna head home?""More wings and beer please, Primetime is set to start and I wanna find as many stats as I can."You would go to bed on Sunday Night not really knowing exactly where you stood. If the team you were playing was close to your score it was just brutal waiting for the paper the next morning.Good times...

The worst was when the MNF game went so late that the box score would not appear till Wed. If you had a nail biter you might not know who won that week till then.And of course the days of the dialup were great. I would open a window for every game on ESPN.com and then go do something for about 30 minutes. Then come back and do the stats in an excel spreadsheet....My favorite is how intuned I am to that little tone they play before showing the stats from other games. I could be giving my wedding vows and if someone played that in the audience I would turn to look.

 

[scientist]

Here is my suggestion for using MFL: don't store any personally identifiable information with them or on your league site. Use a backup email address, and make sure the passwords people use are not the same as their primary email/bank/etc. password. Treat it as if nothing stored there is safe.

Why would anyone do this anyway? You're an idiot if you put your home address in your profile and I've seen it so many times. However, your profile is only visible to someone actually logged on to the web site. So if you got a hacker getting in then it won't matter. But I think you got bigger issues if this is happening anyway.

I was referring to message board posts, team customization, etc. If you're in a league with friends you're more likely to share stuff on the boards and within your league you wouldn't want other people seeing. And if you trust the people within your league, why wouldn't you want to update your profile to include info like your cell phone number if you trusted the site to be secure? I'm just saying don't treat any information you post on there as semi-private. And is it that unreasonable to assume there are fantasy football fans out there that don't think about the fact that using a password for multiple sites is insecure? I would consider using the same password for ESPN, CBS, etc., but when I see a site like MFL I think, wait a minute, I'm going to use a different password for this site, I don't trust it.There are other ways to pull information such as the email address field from a user table than logging in if the site has not been secured to prevent it.

 

[brutha]

But I guess the question is, what would you have MFL do?

how about tougher password restrictions? hello.

 

[Chicago Hooligan]

First year in a Phenoms league, I noticed right away that everyone's email(s) and names are public. This is a league of random owners. Yahoo etc. isn't set up that way. Does everyone in the league want their office phone #, pictures of their kids, etc. easy to find?

 

[bicycle_seat_sniffer]

Remember the good ole days when we had to use paper and pen on Monday mornings as we opened either the local sports section or USA Today...and NFL Primetime with Berman and Jackson on Sunday Nights actually meant something. "Late games are over MOP, wanna head home?""More wings and beer please, Primetime is set to start and I wanna find as many stats as I can."You would go to bed on Sunday Night not really knowing exactly where you stood. If the team you were playing was close to your score it was just brutal waiting for the paper the next morning.Good times...

couldnt wait to grab the USA today on Monday morning and start grabbing the stats

 

[Ministry of Pain]

Remember the good ole days when we had to use paper and pen on Monday mornings as we opened either the local sports section or USA Today...and NFL Primetime with Berman and Jackson on Sunday Nights actually meant something.

"Late games are over MOP, wanna head home?"

"More wings and beer please, Primetime is set to start and I wanna find as many stats as I can."

You would go to bed on Sunday Night not really knowing exactly where you stood. If the team you were playing was close to your score it was just brutal waiting for the paper the next morning.

Good times...

The worst was when the MNF game went so late that the box score would not appear till Wed. If you had a nail biter you might not know who won that week till then.And of course the days of the dialup were great. I would open a window for every game on ESPN.com and then go do something for about 30 minutes. Then come back and do the stats in an excel spreadsheet....

My favorite is how intuned I am to that little tone they play before showing the stats from other games. I could be giving my wedding vows and if someone played that in the audience I would turn to look.

 

[scientist]

I'm also in this league and not only am I shocked that anyone would take it this far, I'm very dissappointed in MFL for dropping the ball and basically putting the rest of our leagues in jeopardy by not acting in a timely manner and letting this escalate.I've already received 2 password reminder emails today and I know another league member has had his password changed. That is unacceptable!!!

But I guess the question is, what would you have MFL do? Email is insecure form of communication. Any email sent out on the internet is plain text and copied on every server it hits on the way back and forth and captured in log files. Only way around it is to encrypt the email with paired keys. This guy could have a tracer setup (probably on an unsecure ISP server) on the net to capture the emailed password reminder. Could be any number of things. Who knows. MFL can't really do anything about it.Look, I feel your pain and it sucks. It really does. But I'm not seeing a whole lot that MFL (or anyone) can do against such a determined person.

Well if this was actually that big of a concern they could require question/answer verification setup on account creation. When you forget your password, they could send you a link to an https page that, upon confirmation of the q/a, let you reset your password, then have the link expire. If the attacker was actually doing nothing but watching your email account 24/7 and was able to intercept it before you replied, you would realize the link was expired and request another one. But I don't think it's that feasible that some dude is sitting on your Internet communications, intercepting traffic willy-nilly for the sole-purpose of causing a ruckus in your MFL league when he could be doing much more interesting stuff with that level of access. With what the guy has done so far, I don't think it's justified to make him into some cunning hacker. This just sounds like a guy with a basic understanding of how websites work.The issue here is with web application design and insecure code, not so much the general insecurity of the Internet at large.

 

[Ministry of Pain]

Remember the good ole days when we had to use paper and pen on Monday mornings as we opened either the local sports section or USA Today...and NFL Primetime with Berman and Jackson on Sunday Nights actually meant something. "Late games are over MOP, wanna head home?""More wings and beer please, Primetime is set to start and I wanna find as many stats as I can."You would go to bed on Sunday Night not really knowing exactly where you stood. If the team you were playing was close to your score it was just brutal waiting for the paper the next morning.Good times...

couldnt wait to grab the USA today on Monday morning and start grabbing the stats

I would even play the game of drawing it out and compiling the other team's stats first and then working my way up with my own team...always worked the WRs first, then the RBs, then the QB...I think I am going to start a league that way...the Paper and Pen league. We'll have 2 conferences. Conference 1-Ben Franklin, Conference 2-Paul Revere.No PPR, 3 pts per pass TD, 3 pts per Rec TD, 3 pts all FG, no mustard on your hot dogs, and you'll like it that way.

 

[THE UNDERCOVER BROTHA]

Ok MFL has responded to me.

It has pretty much said its a password issue and the guy basically guessed the passwords in the league. I fail to believe that but who knows.

Anyway there trying to help the matter and RESET the whole league. I am grateful of them trying to help the matter.

Ive since had ALL the guys to change there password and will wait and see if he can still get back in.

Also he mentioned something of IP Spoofing and Email Spoofing.... (what is this if anyone of you know?)

 

[datonn]

I've known about some issues with MFL in a few of my leagues too. The biggest problem I've seen is MFL giving me a choice of owners to login as...then automatically entering THEIR password, even though I didn't know it and had never saved said password on my computer.

If this can be done this is horrible.

I don't what you're talking about here. What do you mean automatically entering their password???? This does not and cannot happen as far as I know. I'd like some more details here.

BTM, what I was trying to describe was this. I fired up an MFL league home page in Firefox for one particular league and went to login as me. Password field had something like ********* in it, but no login. I then went to the drop-down menu to select myself as the team I wanted to login as. I accidentally clicked the Commish's name by mistake and the number of "*********" changed. I thought "weird," but I clicked login just for the heck of it. Viola...I was then logged into the server as our Commish.I have no idea how the Commish's password got into that password field. All I know is that I was logged in as the Commish...and could have run rough-shot over that entire league, it's records, it's data, etc. if I had been there for malicious purposes.What I was referring to before about playing offense kind of circumvents the whole being-hacked issue. Someone who really wants to hack your site and is smart/capable enough to do it will get in. It's just going to happen. However, folks have this guy's name. They know he's a former military man (even know the branch of the military he was in). A bit of Internet research and a couple phone calls and they probably know everything there is to know about said individual. A few subsequent calls to Veteran's Affairs/DoD, local law enforcement, local media, employers, family/girlfriend(s), etc. and all the B.S. stops. Well, either escalates to "diaper-wearing astronauts driving 14+ hours with felonies on their mind" or it stops...but 90+ percent of people are sane/rational enough to not let stuff get to that point.The other thought I had would be if this guy had any "special" connections to MFL. Former employee...sub-contractor....??? I know that some vendors/clients grant temporary access to privileged folders/directories on their site in support of completing projects, then somehow forget to close that door once a person is terminated or their contract period is complete. You get somebody like that who is causing issues, and they could bring the entire site/service to its knees. They should see court rooms and jail time as a result (again, if somebody "known" is doing all this stuff, they're really hanging themselves if they piss-off the wrong person)...but only if people shoot a few warning shots across their bow to let them know that they are poking the sleeping bear, then that person keeps on keeping on...

 

[the rover]

Try the Hennepin County Internet Police.

 

[PatsWillWin]

WHAT IS HIS FBG NAME?

ETA: nvm, figured it out. It's Joe Bryant.

 

[Joe Bryant]

Mike Hall at MFL is a good friend and as stand up a guy as I know in this business. MFL is a fantastic product we've loved forever. I'm not sure who has been contacted at MFL but I'll make sure Mike knows of this and can take whatever actions need to be taken. I've never heard of a security issue with MFL before.

J

 

[Man in the yellow hat]

Mike Hall at MFL is a good friend and as stand up a guy as I know in this business. MFL is a fantastic product we've loved forever. I'm not sure who has been contacted at MFL but I'll make sure Mike knows of this and can take whatever actions need to be taken. I've never heard of a security issue with MFL before. J

Rest assured, if there is an issue, they are likely working on it. I would definitely contact Mike to see what he knows.

 

[Twilight]

But I guess the question is, what would you have MFL do?

how about tougher password restrictions? hello.

Actually, they did institute some tougher restrictions this year. They now require at least one number in the password. No, it's not that major an increase, but it was an acknowledgement of an issue.

 

[brutha]

not that this exactly makes MFL Ft Knox, but they do now require at least 1 letter and 1 number in your passwords. a step in the right direction at least.

 

[THE UNDERCOVER BROTHA]

Ive been speaking with Kevin from MFL Joe.

Any help on this matter would be appreciated.

ALSO, here is one of the HACKERS teams.....you might be in a league with him.

http://football16.myfantasyleague.com/2009...F=0011&O=01 (they have nice team pages)

Also a bud in the league has looked up all the info on this guy, We know where he lives, who all lives with him and where he graduated from and pretty much everything on the guy. Jesh and he is a very smart guy too, on the Republican Board and is a part of the Republican Club. Anyway now with all the info we have to foward over to the right people this will hopefully STOP.

 

[stp-d]

At least we now know MFL is helping assist the commish. Thanks guys

 

[Ministry of Pain]

Ive been speaking with Kevin from MFL Joe.

Any help on this matter would be appreciated.

ALSO, here is one of the HACKERS teams.....you might be in a league with him.

http://football16.myfantasyleague.com/2009...F=0011&O=01 (they have nice team pages)

Also a bud in the league has looked up all the info on this guy, We know where he lives, who all lives with him and where he graduated from and pretty much everything on the guy. Jesh and he is a very smart guy too, on the Republican Board and is a part of the Republican Club. Anyway now with all the info we have to foward over to the right people this will hopefully STOP.

I see **** Cheney is busy with life after politics.

 

[Chicago Hooligan]

Patriot Act 2: Back in the Habit