LinuxForums.org Hack Exposes 276,000 User Accounts


Abarbarian

Acruncher
Joined
Sep 30, 2005
Messages
10,410
Reaction score
925
LinuxForums.org Hack Exposes 276,000 User Accounts

The LinuxForums.org data breach is a consequence of the forums using an old version of vBulletin (version 4.2.2, released back in October 2013), a proprietary Internet forum software. Along with the 276k unique email addresses, usernames, IP addresses and salted MD5 password hashes were also leaked. Using salted MD5 password hashes is a bad idea because... well, MD5 is very fast, so an attacker can try billions of password combinations per second.
What's more, the haveibeenpwned.com website mentions that "Linux Forums did not respond to multiple attempts to contact them about the breach". There's no announcement about this issue on the LinuxForums.org either. It appears the forum was down for the past 3 days, and some parts of the LinuxForums.org website are not working right now due to a fatal error.
https://www.reddit.com/r/linux/comments/8pe70u/change_your_linuxforums_dot_org_passwords/

If you look on the LinuxForums site you will see no mention of the leak. If they have been hacked then you really should change your password.

http://www.linuxforums.org/forum/

Personally if they have been hacked and they have not bothered to alert their users then I would simply cancel my account and never use their site again.



:cool:
 
Ad

Advertisements

Ian

Administrator
Joined
Feb 23, 2002
Messages
18,971
Reaction score
1,011
It looks like they're running vBulletin, which was great 10 years ago... but insecurities seem to be found so often in it now.

Another good reason to use an offline password manager, with unique passwords for each site (although I seem to remember you do this already :thumb:). It should limit the damage when things like this happen :).
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Bank account hacked 7
hacking passwords/accounts 33
Unpatched Hole in Gmail - Accounts Hacked 3
hacked by godzilla 5
Computer Hacked 5
Bitdefender hacked? 3
Linux Mint was hacked !!! 6
MySpace Hacked ... again 4

Top