In an incident practically ripped from the plot of one of its own stories, the webcomic XKCD reported that user data from its online forum section was found in an exposed database.
XKCD, which labels itself a “webcomic of romance, sarcasm, math, and language,” posted in a brief note that portions of its PHPBB user table from its forums showed up in a leaked data collection. The exposed data includes usernames, email addresses, salted and hashed passwords, and some IP addresses from the time of registration.
“We’ve taken the forums offline until we can go over them and make sure they’re secure. If you’re an echochamber.me/xkcd forums user, you should immediately change your password for any other accounts on which you used the same or a similar password,” the post said.
Vice.com reported that Troy Hunt of Have I Been Pwned alerted XKCD to the issue and that 560,000 forum members were involved.