• Join Home Gardening Forum

45 Million Accounts Hacked At Several Online Forums

Mike

Might know the answer
Messages
977
Location
Kentucky
Planting Zone
6b
A company known as VerticalScope owns a large number of online forums, mostly car forums but several other types as well (see their lists here: verticalscope.com) have all been hacked... more than 45 million users username, email, and password have been leaked.

"Lack of HTTPS encryption and the use of vulnerable older versions of the vBulletin forum software were other weaknesses in VerticalScope sites"

http://jalopnik.com/45-million-accounts-hacked-at-some-of-the-biggest-car-f-1782030203

Hope none of you are affected and that everyone is not re-using passwords!
 

w_r_ranch

Master Gardener
Administrator
Moderator
Plus Member
Messages
6,449
Location
South Central Texas
Planting Zone
8b
I saw that as well. I have changed mine... I highly recommend that everyone change their passwords to one that is unique for each site... especially this one.

The issue is when you use the same username/password combo that you used here somewhere else, like on a bank account. The hackers then could possibly log into your bank account & empty it. By using a longer & more complex password (the critical part IMO), it makes future hacks much more difficult.

It's a shame that people have to deal with situations like this, but they do... so make your password a minimum of 10 characters, mixing upper/lower case & special characters (like those above the number keys).
 

Mike

Might know the answer
Messages
977
Location
Kentucky
Planting Zone
6b
The sad part of all of it is even having a 50 character password with upper, lower case, numbers, and symbols would have done nothing from stopping the hackers from getting the 45 million users information. More than 90% of all their forums are storing (and still are) storing passwords with only MD5 hash which is cake work to crack on modern computers.

That said, yes it's extremely important for everyone not to re-use passwords anywhere no matter how big or small, important or not a site might be to you. If you re-use then one hack takes over everything.

I would recommend using a password manager like KeePass or 1Password and using a strong password phrase as the master password, then let the password manager create and store all your passwords. There are browser addons to also auto type your passwords from these password managers. I have hundreds of passwords and only know a couple of them... the rest are stored in my password manager.
 
Top