Android Forums Data Breach- Reset Your Passwords ASAP

Are you an Android Forums user? If yes, then reset your password as soon as possible. A data breach has been reported by the Android Forums. According to the moderators of Android Forums, a security vulnerability has been exploited by the hackers to access website database. The Android Forums said, only 2.5 percent users are the victims of this data breach. The victims, who are using the same password for Android Forums and other online accounts could be in trouble. The compromised accounts of victims have been identified by the moderators and to protect those accounts from crooks, they have reset the password.

The Compromised Accounts

The Android Forums, published a “General Post” with the heading “Regarding the security breach email some of you are getting” to inform the users about the data breach. In the post, the Android Forums wrote,” We have been contacted by our server moderators recently and they told us that the server hosting of Android Forums was compromised. The database of the website was also accessed by the hackers. Only 2.5 percent users of Android Forums are the victims and most of the hacked accounts are older and had never published a single post.”

Stolen Information

The Android Forums has said that we will provide all the possible information to the users, so they can protect their accounts from cybercriminals. Following information of Android Forums users, has been stolen by the hackers:

Email Addresses

Passwords (Hashed)

Salts

"The hackers could use this stolen information to target the users through spear phishing campaigns. The hackers could send specially crafted malicious spam emails through email validation tool. The major email platforms such as Gmail and many other are using strong spam filtering algorithms to protect the users from such type of phishing attempts. But the hackers are very smart, they can manage to target the victims through social engineering attacks as well. The hackers could manipulate the victims by sending emails which look likes legitimate Android Forums emails."

The Android Forums has warned the users by saying, “We will never ask for your password in the email.” We personally recommend you to change your password. If you are using same username and password for other popular online platforms, change the password of those accounts as well. A hacker will always try the stolen login credentials on other online platforms.

What About The Security Vulnerability?

We can’t say what was the exact security vulnerability but according to the report of Android Forums, the security flaw has been resolved by them. To protect the website from such type of data breaches in future, they have also implemented further security measures to harden the website. The site-wide HTTPS support and a new two-step verification process for internal staff has been announced by the website administrators. Following data has been shared by the site administrators of Android Forums in the advisory:

The hackers have exploited a security flaw to steal data and it has been resolved by us.

All the other website of our network are safe and secure.

We have checked the log and identified all the compromised accounts. To inform the victims, we have targeted an email.

There are only 40 victims who have registered their accounts between 2016 and 2017. Rest of the compromised accounts are older.

One staff member of Android Forums is also a victim of this data breach.

50% compromised accounts, never posted a single post in the forum.

Also Read: