vBulletin zero-day flaw (CVE-2019-16759): Comodo Forum data breach
According to report, Comodo Discussion Forum (ITarian) has recently suffered a big data breach that led to expose the data of around 245,000 users. The breached data of innocent users of Comodo Forum are Real name, username used for posting in forums, email ID, hashed password, most recent IP addresses to visit the forums and some other usernames from other social sites as well. However, Cyber security researchers have found out vBulletin zero-day flaw which was used in order to compromises Comodo Forum users’s crucial data while logging into online accounts. Let’s start the discussion about the “Data leak of 245000 Comodo forum users” story in detail.
vBulletin zero-day flaw: Comodo forum data breach
Comodo discussion forum is also known as ITarian which has recently suffered a huge data breach. According to security experts, vBulletin zero-day bug or CVE-2019-16759 allowed the hacker to gaining access to targeted machine by installing malicious codes remotely and Comodo failed to take care of flaw on the time.
For those who are not aware, the company has two separate official forums i.e., forums.itarian.com and forums.comodo.com which has huge number of users. Although, the company has not said officially which of public forums were affected, it is likely that the latter was impacted by the hack as it runs on simple machines forums software on Comodo’s sub-domain. The company claims to have taken the hacked forums out. Let’s take have a look company statements about this data exposure.
Data leak of 245,000 Comodo Forum users: Comodo forum data breach
The company has clearly said that data exposure took place on 29th September 2019 related to personal information of numerous users. In the published notification, the Comodo Company has states the data leak of 245000 Comodo forum users accounts log-in details including real name, username for posting in forums, email ID, hashed password, most recent IP address used to visit the forums and other username from social media platforms as well. However, the company has promised to inform all the users if any personal data will be discovered. Let’s look at company’s statements.
“An unknown attacker exploited the recently discovered vBulletin vulnerability and potentially gained access to the forums database. Our investigations are ongoing to determine what data, if any, has been accessed.”
Secruity Researchers suggested: ITarian Discussion Forums users should change their account passwords immediately
As we know that, Comodo is well-known security software maker. So, falling to security patch the vBulletin zero-day bug before attack occurred is major downfall. If you are a user of Comodo Itarian forum, then you should hurry up change your old password to new & strong password as soon as possible because bad actors can expose your data in upcoming future. We recommended you to add some numbers, Symbols as well characters to make strong password.
We are researching on the matter “Data leak of 245000 Comodo forum users” and we will defiantly post an update, it will come in future. For any suggestion or queries, please write on comment box given below.
You may also read: Account Hijacking Campaign Attacks A Large Number Of Youtube Influencers