13 Jul 2012
More than one million forum user records have been stolen in a successful breach of Phandroid's Android Forums web site. According to the note posted online, the breach exposed user data including e-mail addresses, hashed passwords, registration IP addresses and last log-in dates.
Luckily for the exposed users, the forum is powered by the vBulletin platform, which comes with built-in password hashing as well as salting (a random value added to each password before hashing, which makes precomputed-table and bulk bruteforce attacks against the hashed passwords far harder). However, those in possession of the leaked data can still link usernames to geographic locations by looking up their registration IPs in geolocation databases.
"I have some unfortunate news to pass along," the warning note reads. "Yesterday I was informed by our server/developer team that the server hosting Androidforums.com was compromised and the website's database was accessed. While the breach is most likely harmless, there are important and potential pitfalls, and we want to provide as much helpful information to our users as possible (without getting too technical)."
According to the same post, the data was exposed through an exploit in the web server software, not in the bulletin board platform. The Phandroid team has checked both the file system and the database for extra code that could open backdoors to cyber-criminals. Users are now urged to change their passwords at once to prevent unauthorized account use.