Android Forums is the last victim of a data breach, roughly 2.5 percent of users have been affected.
The moderators at the Android Forums confirmed they’ve been able to identify the alleged compromised accounts, in response to the incident they have reser the passwords for those accounts.
The moderators added that many of the affected accounts were older and half of them had never posted to Android Forums.
“Unfortunately, we were recently informed by our server engineers that the server hosting Android Forums was compromised and the website’s database was accessed.” reads the data breach notification published by Android Forums. “While this breach was relatively small, affecting less than 2.5% of our active users and limited data accessed, we want to provide as much helpful information as possible so you can take some steps to protect yourself.”
The hackers who breached the database of the forum accessed email addresses, hashed passwords, and salt. The moderators warn users of possible spear phishing attacks leveraging on stolen data.
“This could simply be an e-mail harvesting attempt. A spammer could run the acquired email addresses through a validation tool, then bulk e-mail all valid emails in a spam or phishing campaign. Luckily, Gmail and similar e-mail services offer strong spam prevention that automatically filters potential spam and phishing attempts or provides warning.” reads the notification. “At any rate, with emails phishing attempts could be made. They could pretend to be us, with emails sent out. Be cautious with what is asked of you in an email. We will never ask for your password in email.”
Of course, it is strongly suggested to every user of the Android Forum to change their passwords as a precaution measure.
The administrators of the forum have identified and resolved the flaw exploited by the attackers, they have also implemented further measures to harden the site.
Below the data shared by the administrators in the advisory:
The Neverstill Team that runs the forum apologized for the incident.
The improvements announced by site administrators include site-wide HTTPS support and a new 2-step authentication requirement for internal staff.