Our database was breached today at around 13:30 UTC / 9:30 EST. The perpetrator wiped some of our database in the process. Backups from 04:00 UTC / 00:00 EST has been applied, so we lost roughly 10 hours of gameplay data. Unfortunately, we did not keep any backups of round statistics, so the round info webpage has been wiped, aswell as things like favorite weapon. Leaderboard top 10 stats has also been reset due to this.
They got access to a root user somehow, which are not deployed in the wild anywhere, so I don't think it's any SQL injection.
He gets root access and decides to delete a bunch of tables that'll get backed up anyways? Boring. Would've been much more interesting if he fucked with money/usergroups.
Seeing as they could do much more, that's kinda terrifying. What were the motives of this dude if he wanted to up and delete everything?