Compromised data: Dates of birth, Email addresses, IP addresses, Passwords, Usernames, Website activity.

28 services hacked, 4.9 Million affected.

QuinStreet

In approximately late 2015, QuinStreet the maker of “performance marketing products” had a number of their online assets compromised.

The attack impacted 28 separate sites, predominantly technology forums such as flashkit.com, codeguru.com and webdeveloper.com (the full list of sites is below).

QuinStreet advised that impacted users have been notified and passwords reset. The data contained details on over 4.9 million people and included email addresses, dates of birth and salted MD5 hashes.

Why are you only hearing about this now?

Whilst the breach occurred in December 2015, sometimes there can be a lengthy lead time of months or even years before the data is disclosed publicly. It’s just a question of how readily available the data is.

The Past Hack

In 2013 there was a reported hack that any site owned by QuinStreet could easily be exploited by a Perl script using the USERID_COOKIE to reveal 7M + user details. — seclists.org

Have you been affected?

As with any data breach, the usual advice applies: consider the potential risk to yourself based on the types of data exposed. For example, if passwords were compromised then go to the impacted site and reset yours immediately plus, of course, ensure that you’re not reusing that password on any other sites.

Full list of websites:

antionline.com

aspmessageboard.com

baselinemag.com

board.flashkit.com

channelinsider.com

cioinsight.com

codeguru.com

collection-agency-quotes.com

collectionagencyservices.net

databasejournal.com

datamation.com

devx.com

enterprisemobiletoday.com

eweek.com

forums.windrivers.com

hardwarecentral.com

justlinux.com

linux-mag.com

phpbuilder.com

practicallynetworked.com

serverwatch.com

sharkyforums.com

sysopt.com

vbforums.com

virtualdr.com

voipservicedirectory.com

webdeveloper.com

wi-fiplanet.com

What Next?

You can run a search for breaches of your email address at haveibeenpwned.com to get a complete list of sites where your account has been compromised.

Sources: https://haveibeenpwned.com/PwnedWebsites#QuinStreet

https://www.reddit.com/r/pwned/comments/1ac912/full_disclosure_use_any_site_owned_by_quinstreet

Will Preston

As always if you would like to discuss recommendations for you, then do email by clicking my logo below.