MacRumors forums hacked, 860k user passwords compromised
Posted on 13 November 2013.
The popular user forum MacRumors has suffered a breach and is advising the entirety of its 860,000-strong user base to change their passwords as soon as possible.

The hack was effected on Monday, and according to site owner Arnold Kim, they have immediately started investigating the attack with the help of a third party security researcher.


He noted that the hackers copied the approach used by the attackers who managed to compromise the Ubuntu forums back in July: they managed to get their hands on the account credentials of a forum moderator, and were able to escalate their privileges in order to access the password database. How they got the moderator’s account credentials in the first place is still unknown.

Kim told Ars Technica that, so far, evidence points towards an unsuccessful attempt to access the database. Nevertheless, “we believe that at least some user information was obtained during the attack,” he said. “In situations like this, it's best to assume that your MacRumors Forum username, email address and (hashed) password is now known.”

He advises users to change their passwords on the site’s forums, and to immediately do the same on any other account for which they used the same password. “There are several guides online for how to choose a good password,” he noted, and advised users to use separate passwords for every service and to use a password manager software to manage them.









Spotlight

Staples customers likely the latest victims of credit card breach

Posted on 21 October 2014.  |  Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //