MacRumors forums hacked, 860k user passwords compromised
Posted on 13 November 2013.
Bookmark and Share
The popular user forum MacRumors has suffered a breach and is advising the entirety of its 860,000-strong user base to change their passwords as soon as possible.

The hack was effected on Monday, and according to site owner Arnold Kim, they have immediately started investigating the attack with the help of a third party security researcher.


He noted that the hackers copied the approach used by the attackers who managed to compromise the Ubuntu forums back in July: they managed to get their hands on the account credentials of a forum moderator, and were able to escalate their privileges in order to access the password database. How they got the moderator’s account credentials in the first place is still unknown.

Kim told Ars Technica that, so far, evidence points towards an unsuccessful attempt to access the database. Nevertheless, “we believe that at least some user information was obtained during the attack,” he said. “In situations like this, it's best to assume that your MacRumors Forum username, email address and (hashed) password is now known.”

He advises users to change their passwords on the site’s forums, and to immediately do the same on any other account for which they used the same password. “There are several guides online for how to choose a good password,” he noted, and advised users to use separate passwords for every service and to use a password manager software to manage them.









Spotlight

Dissecting the unpredictable DDoS landscape

Posted on 23 April 2014.  |  DDoS attacks are now more unpredictable and damaging than ever, crippling websites, shutting down operations, and costing millions of dollars in downtime, customer support and brand damage, according to Neustar.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Apr 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //