Posted to the Phandroid Forum on July 10:
I have some unfortunate news to pass along. Yesterday I was informed by our sever/developer team that the server hosting androidforums.com was compromised and the website’s database was accessed. While the breach is most likely harmless there are important and potential pitfalls, and we want to provide as much helpful information to our users as possible (without getting too technical).
The trust of our users is extremely important and several staff members worked through the afternoon, evening, night, and morning to ensure we’re doing everything possible to regain complete security.
Here are the facts:
– The exploit used has been identified and resolved. The server has been further hardened and extra “just in case” actions have been taken.. and will continue to be taken.
– All code that resides in the database and the file system has been thoroughly reviewed for malicious edits and uploads.
– No other sites in our network appear to have been accessed (we’re triple checking).
– The user table of AndroidForum’s database was (at a minimum) accessed. While we can’t prove or disprove whether or not the data was downloaded (due to the way the data was transferred), it’s completely possible.. and we’ve taken action assuming this is the case.
– Information in the user database includes: Unique ids, usernames, emails, hashed (encoded) passwords, registration IP addresses, usergroup memberships, infraction levels, last time online, last post date, post count… as well as far less critical things like number of PMs, visitor messages, last online dates, and some vbulletin options set in your UserCP.
Read the rest of the notice on AndroidForums.com. They seem to have gotten a lot of compliments on their response to and notification of the breach.
h/t, The Hacker News