vBulletin Responsible for Breach of 27 Million Users
Posted by: Timothy Weaver on 08/26/2016 11:45 AM
[
Comments
]
We have reported on breaches that use vulnerabilities in vBulletin. Now, LeakedSource is reporting that a flaw in vBulletin is responsible for the breach of 11 websites that has exposed personal information of 27 million accounts.
The researchers said the exploit was SQL injection in the forums software. “Unfortunately we can confirm the existence of a 0day Vbulletin exploit. Expect lots of data to be added to LeakedSource,” according to LeakedSource.
What the hackers gained was usernames, email addresses, phone numbers, IP addresses, birthdays, and phone numbers. Additional domains were also breached including expertlaw.com, ageofconan.com, anarchy-online.com, freeadvice.com, gamesforum.com, longestjourney.com, ppcgeeks.com, and thesecretworld.com.
Source: SCMagazine
The researchers said the exploit was SQL injection in the forums software. “Unfortunately we can confirm the existence of a 0day Vbulletin exploit. Expect lots of data to be added to LeakedSource,” according to LeakedSource.
What the hackers gained was usernames, email addresses, phone numbers, IP addresses, birthdays, and phone numbers. Additional domains were also breached including expertlaw.com, ageofconan.com, anarchy-online.com, freeadvice.com, gamesforum.com, longestjourney.com, ppcgeeks.com, and thesecretworld.com.
Source: SCMagazine
Comments
