The notorious hacker group OurMine made the headlines once again, this time the victim it the Unity Game Engine forum.
The group has defaced and hacked the Unity forum over the weekend and used its data to send out emails to registered users via a built-in mass email feature.
The messages inform the Unity forum users that they had gained access to a database containing the details of 2 million users and suggest them to change their passwords.
OurMine is known in the hacking community as a group that hacks to create awareness on cyber threats and suggests victims the right cyber posture.
Below a copy of the message sent to the users:
Hah,OurMine at it again.#OurMine
— Eliot Leo (@EliotLeo) April 30, 2017
Unity has admitted the data breach in a blog post published today, it blamed the incident on “poorly implemented password routines.” The company tried to reassure its users confirming that the hackers only accessed “a limited set of data,” and adding that no passwords or financial data had been compromised.
“On April 30, our public forum website was attacked and successfully compromised due to poorly implemented password routines; our investigations show no theft of passwords in this attack, nor impact to any other Unity service.” reads the blog post.
“However, the attack did result in defacement of the site (which has since been fixed) and subsequent messaging to all of our registered forum users.”
Even if the hackers did not access any password, Unity suggests changing the password.
“No passwords were lost in the breach, but we still recommend a password change due to possibility of the group having emails and passwords from another source, which could be used to access their account,” Unity representatives said.
The company plans to improve the authentication to its service by introducing two-factor authentication, a login alerting mechanism, along with a new password policy.
The company took offline the forum following the hack, at the time I was writing it is once again up and running. The forum was restored using a backup timestamped April 30, 14:01 CEST, this means that some posts may have been lost.
Last time we met the OurMine group was in January when the crew hacked the New York Times Twitter video account.
The group, who hacked the Netflix US Twitter account (@Netflix) in December to promote its website and hacking services, is known for its attacks against high-profile Twitter accounts. The list of victims is very long and includes Mark Zuckerberg, Twitter co-founder Evan Williams, David Guetta Daniel Ek, former Twitter CEO Dick Costolo, Twitter CEO Jack Dorsey, the CEO and founder of Spotify, Google CEO Sundar Pichai, and many others.
(Security Affairs – Unity forum, OurMine)