Ernesto writes:
The uTorrent community forums have been hacked, exposing the private details of hundreds of thousands of users. The hackers were able to get their hands on the user database, and a warning issued by the software maker says that passwords should be considered compromised.
With well over 150 million active users a month uTorrent is by far the most used BitTorrent client around.
[…]
“The vulnerability appears to have been through one of the vendor’s other clients, however it allowed attackers to access some information on other accounts. As a result, attackers were able to download a list of our forum users,” uTorrent writes.
Read more on Torrent Freak.
The forum announcement:
Important Security Advisory
Bommuraj Paramaraj
06/07/2016On June 6th, 2016, BitTorrent was made aware of a security issue involving the vendor which powers our forums.
The vulnerability appears to have been through one of the vendor’s other clients, however it allowed attackers to access some information on other accounts.As a result, attackers were able to download a list of our forum users. We are investigating further to learn if any other information was accessed.Our vendor has made backend changes so that the hashes in the file do not appear to be a usable attack vector.
As a precaution, we are advising our users to change their passwords. While the passwords may not be used as a vector on the forums, those hashed passwords should be considered compromised. Anyone using the same password for forums as well as other places is strongly advised to update their passwords and/or practice good personal security practices.