#Michael Posted November 13, 2013 Share Posted November 13, 2013 I know that neowin isn't a forum for other websites but I thought it was worth posting it anyways. Macrumors was hacked...so if you have an account there assume that your details were taken. MacRumors user forums have been breached by hackers who may have acquired cryptographically protected passwords belonging to all 860,000 users, one of the top editors of the news website said Tuesday evening. "In situations like this, it's best to assume that your MacRumors Forum username, e-mail address and (hashed) password is now known," Editorial Director Arnold Kim wrote in a short advisory. He went on to advise users to change their passwords for their MacRumors accounts and any other website accounts that were protected by the same passcode. The MacRumors intrusion involved "a moderator account being logged into by the hacker who then was able to escalate their privileges with the goals of stealing user login credentials," Kim said. The company is still investigating how the attacker managed to compromise the privileged account. Ars full article: http://arstechnica.com/security/2013/11/hack-of-macrumors-forums-exposes-password-data-for-860000-users/ Macrumor announcement: http://www.macrumors.com/2013/11/12/macrumors-forums-security-leak/ Link to comment Share on other sites More sharing options...
Sandor Posted November 13, 2013 Share Posted November 13, 2013 Seems they were encrypted/salted so not a complete disaster. Link to comment Share on other sites More sharing options...
SMELTN Posted November 15, 2013 Share Posted November 15, 2013 Seems they were encrypted/salted so not a complete disaster. it was vBulletin's standard md5 hashed and salted. Which is not that strong, so assume that your password can be determined with time. Direct quote from arn @ MacRumors Link to comment Share on other sites More sharing options...
Recommended Posts