Open supply media participant software program supplier Kodi has confirmed a data breach after risk actors stole the corporate’s MyBB discussion board database containing consumer information and personal messages.
What’s extra, the unknown risk actors tried to promote the info dump comprising 400,635 Kodi customers on the now-defunct BreachForums cybercrime market.
“MyBB admin logs present the account of a trusted however at present inactive member of the discussion board admin workforce was used to entry the web-based MyBB admin console twice: on 16 February and once more on 21 February,” Kodi mentioned in an advisory.
The risk actors then abused the account to create database backups that have been then downloaded and deleted. Additionally downloaded have been present nightly full backups of the database. The account in query has now been disabled.
The nightly backups contained all public discussion board posts, workforce discussion board posts, messages despatched by means of the user-to-user messaging system, and consumer info akin to discussion board username, e-mail deal with used for notifications, and an encrypted (hashed and salted) password generated by the MyBB software program.
Kodi mentioned there isn’t a proof risk actors managed to acquire unauthorized entry to the underlying server internet hosting the MyBB software program. It additional emphasised that the legit account proprietor didn’t carry out malicious actions on the admin console, suggesting credential theft.
Out of an abundance of warning, the maintainers mentioned work is underway to provoke a worldwide password reset. Customers are really useful to vary their passwords on different websites if the identical password has been used.
Within the interim, the corporate has taken down the Kodi discussion board and famous that it is within the technique of commissioning a brand new server, an exercise that is anticipated to final “a number of days.” It is also planning to redeploy the discussion board on the newest model of MyBB software program.
As extra security measures, Kodi is hardening entry to the MyBB admin console, revising admin roles to restrict privileges, and enhancing audit logging and backup processes.
