More than 800,000 accounts compromised in MacRumors Forums breach

Share this article:

About 860,000 members who post on the forums of popular Apple website MacRumors are being asked to change their passwords after accounts were compromised in a hack.

How many victims? About 860,000.

What type of personal information? Usernames, email addresses and hashed passwords.  

What happened? An attacker hacked the forums and gained access to user credentials.

What was the response? An investigation is ongoing with a third party security researcher. A MacRumors administrator posted about the hack, alerting users of the incident and encouraging them to update their information. MacRumors is working to make the website more secure.

Details: A moderator account was logged into and used by the attacker to escalate privileges and steal user credentials. The hack was likened to the July breach of Ubuntu Forums, when an attacker compromised two million accounts after gaining access to a moderator account and taking advantage of vulnerabilities in vBulletin.

Quote: “We are still working to get the forums fully functional and more secure,” Arnold Kim, MacRumors editorital director, said in the notification. “Again, we are very sorry for the breach.”

Source: macrumors.com, “MacRumors Forums: Security Leak,” Nov. 12, 2013

Share this article:

Sign up to our newsletters

POLL

More in The Data Breach Blog

Second burglary breach within a month for Coordinated Health

More than 700 Pennsylvania patients have been impacted after Coordinated Health experienced its second burglary-related data breach within a month.

Fate of unencrypted drive unknown, PHI of 5,500 in Virginia at risk

A Virginia-based chiropractic center is not quite sure what happened to an unencrypted thumb drive, which contained personal information - including Social Security numbers - on more than 5,500 patients.

Iowa State server breach exposes SSNs of nearly 30,000

The breach impacts Iowa State students where were enrolled at the university between 1995 and 2012.