Comodo Forums Breach, Data of Over 170,000 Users Up For Grabs (Oct 1, 2019)
A breach in Comodo Forums has over half of the forums’ users data to be stolen and up for sale. Comodo, a cybersecurity firm, used vBulletin software that has a critical vulnerability, which may have resulted in the breach. With a user base of around 245,000 registered users, the data of 170,000 is being sold including birth date, email addresses, IP addresses, passwords, security questions and usernames. An investigation is currently being conducted.
Recommendation: Leaks of this sort may cause affected individuals to be at a greater risk of phishing attacks. Actors can use this information to craft custom emails to increase their chances of malicious activity being approved by the recipient. Individuals who have accounts associated to this incident should change their passwords as soon as possible, particularly if passwords for said accounts are the same to other online accounts. Individuals should also regularly monitor their credit reports for suspicious activity or consider an identity theft protection service.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.