Why don’t people patch vBulletin? This may be one of the mysteries of life.
Zack Whittaker reports:
A hacker has targeted the official forum for popular mobile game “Clash of Kings,” making off with close to 1.6 million accounts.
The hack was carried out on July 14 by a hacker, who wants to remain nameless, and a copy of the leaked database was provided to breach notification site LeakedSource.com, which allows users to search their usernames and email addresses in a wealth of stolen and hacked data.
In a sample given to ZDNet, the database contains (among other things) usernames, email addresses, IP addresses (which can often determine the user’s location), device identifiers, as well as Facebook data and access tokens (if the user signed in with their social account). Passwords stored in the database are hashed and salted.
Read more on ZDNet.