In association with heise online

13 July 2012, 12:12

Over 1 million user credentials compromised in Android Forums hack

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Phandroid logo Phandroid, a popular Android news site, has confirmed that its Android Forums web site was compromised and that private user data has been accessed. According to Phandroid's notice about the security breach, the user table of Android Forum's database was accessed by unknown intruders using a known exploit, which has since been fixed.

The database in question contains a variety of information on forum users, including usernames, email addresses, hashed and salted passwords, registration IP addresses; also other forum-related data, such as last time online and post date as well as post count. Based on current information, the site's community manager says that they cannot confirm if the data was in fact downloaded, adding that they believe the attack was "most likely an e-mail harvesting attempt". Additional steps to further harden server security and "extra 'just in case' actions" have also reportedly been taken.

All of the forum site's more than 1 million users are potentially affected by the security breach. The site's administrators advise all users to change their passwords as soon as possible through the User Control Panel (UserCP) or by using the "Forgot your password?" function.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit