The Hacker News Logo
Subscribe to Newsletter

MacRumors forum hacked; more than 860,000 accounts compromised

Popular Mac news and information site MacRumors user forums have been breached by hackers on Monday this week.
More than 860,000 usernames, emails and hashed passwords were potentially compromised. Users are advised to users that they change their passwords on the forums, as well as any other sites or services where the same password has been used.

MD5 with or without salt, to be an inadequate means of protecting stored passwords. Back in 2012, the original author of the MD5 password hash algorithm has publicly declared that MD5 is no longer considered safe to use on commercial websites.
u
The owner of the site, Arnold Kim, apologized for the intrusion and said that it occurred because the hacker gained access to a moderator account, which then allowed the intruder to escalate their own privileges with the goal of stealing user login credentials.
"We are looking into it further to see if there was another exploit, but there hasn't been any evidence of it yet."
He said the site had been hacked in a similar manner to the Ubuntu forums in July, where attackers defaced the site and accessed the user database. At the time, the site claimed to have over 1.8 million registered members.
We are still working to get the forums fully functional and more secure,”
He said, according to the Log file, so far indicate that the intruder tried to access the password database, but there are no indications that the passwords are circulating online in any form.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.