Home > Cyber News > Social Engineered Forum Data Breach Compromises 55,000 Members

Social Engineered Forum Data Breach Compromises 55,000 Members

Social Engineered, a platform which promotes “the art of human hacking” has been hacked. As a result, its users’ data was leaked on a competitor’s website.

89,000 unique email addresses linked to 55,000 members of the platform were compromised, as well as usernames, IP addresses, private messages and passwords stored as salted MD5 hashes. The data breach took place on June 13.

According to the Have I Been Pwned website, “the breach of the XenForo forum was published on a rival hacking forum and included 89k unique email addresses spread across 55k forum users and other tables in the database”.

What was the reason for Social Engineered’s Data Breach?

Snow101, the owner of Social Engineered, shared in a forum post that a vulnerability in MyBB is the reason for the data breach. “Mybb had a vulnerability yet again and the site got breached along other websites using Mybb. We moved over to xenforo i suggest changing your passwords immideately,” he wrote.

MyBB is an open-source, free software project that used for creating and maintaining forums. It appears that the flaw may be a recently disclosed critical stored cross-site scripting bug located in MyBB’s private messaging and post modules. In case of exploit, the vulnerability could allow attackers to obtain full access to an account. The good news is that the flaw was addressed in MyBB version 1.8.21, which was released on June 10.

Related: [wplinkpreview url=”https://sensorstechforum.com/8-4-tb-email-metadata-exposed/”] 8.4TB of Email Metadata Exposed by ElasticSearch Database

To prevent another incident, Social Engineered has been moved to the XenForo platform. The forum owner has asked members of the forum to make donations so that SocialEngineered transforms into a commercial forum.

In Q1 2019 alone, [wplinkpreview url=”https://sensorstechforum.com/8-4-tb-email-metadata-exposed/”] a total of 1903 publicly disclosed data breaches have been registered, as disclosed by Data Breach QuickView Report conducted by Risk Based Security. The data breaches exposed more than 1.9 billion records only in the first quarter of 2019.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree