Yesterday a database consisting of hacked websites and the data they contained was leaked to the public, potentially exposing usernames, passwords, and email addresses of their users. Unfortunately, hacked data from the Organ Forum was included in this database. Here's what happened, your risks, and remedies.

Where Did The Information Come From?
The leaked data was on a defunct hacker site, Cit0Day.in, which sold data from breached sites to hackers. The compressed data file was over 13 GB in size and contained data hacked over a period of years from over 23,000 websites worldwide. At this time it is unknown who leaked this hacker data or why.

Organ Forum Data Breaches
The Organ Forum has suffered two data breaches in its history. The first one was in 2013 and the latest, and last known one, was in September of 2019.

The 2013 breach was believed to be a security breach of our then-ISP's shared servers. Following that breach, the Forum was moved to a more secure VPS server environment and increased security measures were put in place.

The 2019 breach was caused by a zero-day vulnerability in the vBulletin software that powers the Forum. That breach was discovered within hours of its occurrence. The software was patched and information regarding the nature of the breach was posted on the Forum.

It is unknown from which of these two breaches the hacker data was obtained. The thing to note is that the hacked data leaked yesterday is at least a year old and has been available to hackers for at least that long.

Compromised Data
The hacker database contained the usernames, passwords, and email addresses of Organ Forum members. As mentioned above, the age of this data, and therefore its current relevancy, is unknown. Passwords in the Organ Forum database are encrypted for security purposes, but it is unknown whether the hackers were able to decrypt the Organ Forum passwords. A more secure password encryption algorithm was employed on the Forum as part of the January 2019 software upgrade. In addition, Organ Forum passwords have a lifetime of one year, after which they must be changed. This means that the compromised passwords are either expired or have been changed by their owners, making them useless for accessing Organ Forum accounts.

The Imposed Risk
Of greatest concern is the password data. Although the compromised passwords are of no value on the Forum, you are at risk if you used these passwords on websites other than the Organ Forum. Good security practices require that you use a unique password for each site you visit, and most security experts recommend using a password manager to facilitate this.

The risks imposed by a compromised email address are less severe, but can result in increased spam and a somewhat greater risk of identity impersonation. It is for this reason that the Forum does not permit email addresses as usernames or in posts; however, there are many legitimate sources of your email address, so it's not very likely that this exposure will substantially increase the already present email address risks.

Take Action
Consider taking the following actions to increase your Internet security:

Going Forward
We wish to apologize once again for any inconvenience our past breaches have caused you. We take the security of this site and its members very seriously with timely software updates and regular security scans. Unfortunately, despite our best efforts, there's no way to completely prevent these breaches from occurring, but with full transparency and by implementing good security practices together, we can minimize their impact.

I'd like to thank jimmywilliams for bringing the public release of this hacked data to my attention and for the help provided in gathering some of the information found here.