More than 800,000 accounts compromised in MacRumors Forums breach

Share this article:

About 860,000 members who post on the forums of popular Apple website MacRumors are being asked to change their passwords after accounts were compromised in a hack.

How many victims? About 860,000.

What type of personal information? Usernames, email addresses and hashed passwords.  

What happened? An attacker hacked the forums and gained access to user credentials.

What was the response? An investigation is ongoing with a third party security researcher. A MacRumors administrator posted about the hack, alerting users of the incident and encouraging them to update their information. MacRumors is working to make the website more secure.

Details: A moderator account was logged into and used by the attacker to escalate privileges and steal user credentials. The hack was likened to the July breach of Ubuntu Forums, when an attacker compromised two million accounts after gaining access to a moderator account and taking advantage of vulnerabilities in vBulletin.

Quote: “We are still working to get the forums fully functional and more secure,” Arnold Kim, MacRumors editorital director, said in the notification. “Again, we are very sorry for the breach.”

Source: macrumors.com, “MacRumors Forums: Security Leak,” Nov. 12, 2013

Share this article:

Sign up to our newsletters

POLL

More in The Data Breach Blog

Thousands had data on computers stolen from California medical office

Bay Area Pain Medical Associates notified about 2,780 patients that their data was on computers stolen from its California offices.

Subcontractor breach impacts 1,700 in Dominion Resources employee wellness plan

About 1,700 people in the Dominion Resources employee wellness program have been notified that their data was accessed in a breach.

Document posted to California city website, employee data accessed

In California, a document posted to the City of Encinitas website contained data on hundreds of current and former city staffers.