The recent attack of Android Forums has exposed details of over 1,000,000 members. According to the official statement of Android fansite Phandroid, its website had been hacked last week, which resulted in exposure of sensitive details of 1,034,235 members.
The information that had leaked includes usernames, passwords (fortunately, those were hashed), e-mail addresses, registration IP addresses and a lot more interesting things related to the forum. The operators of the website admitted the fact of a breach and were quick to publish a post titled “Important Notice – Security Breach”, where Android Forums admin “Phases” explained that the hacker attack which resulted in data leak appeared a bog standard one exploiting a known vulnerability.
After the attack, the targeted server was checked for dodgy code. The administration of the website also promised to harden it against similar attacks. If you are the member of the website, you are strongly recommended to follow the operators’ advice and change your passwords. In case you use the same e-mail address and password combination somewhere else, it is better to change it there too.
Meanwhile, it seems that no other website in the network has been accessed by the hacker team. No hacktivists activity has thus far taken responsibility for the attack and nobody explained what they needed the gathered data for. The operators of the targeted website hope that it was an e-mail harvesting attempt, and the intruders were just looking for e-mail addresses to spam at a later time. This sounds reasonable, because it is hard to imagine who would need over a million of details of Andriod Forums members and what for.
The information that had leaked includes usernames, passwords (fortunately, those were hashed), e-mail addresses, registration IP addresses and a lot more interesting things related to the forum. The operators of the website admitted the fact of a breach and were quick to publish a post titled “Important Notice – Security Breach”, where Android Forums admin “Phases” explained that the hacker attack which resulted in data leak appeared a bog standard one exploiting a known vulnerability.
After the attack, the targeted server was checked for dodgy code. The administration of the website also promised to harden it against similar attacks. If you are the member of the website, you are strongly recommended to follow the operators’ advice and change your passwords. In case you use the same e-mail address and password combination somewhere else, it is better to change it there too.
Meanwhile, it seems that no other website in the network has been accessed by the hacker team. No hacktivists activity has thus far taken responsibility for the attack and nobody explained what they needed the gathered data for. The operators of the targeted website hope that it was an e-mail harvesting attempt, and the intruders were just looking for e-mail addresses to spam at a later time. This sounds reasonable, because it is hard to imagine who would need over a million of details of Andriod Forums members and what for.
No comments:
Post a Comment