Back to Radar
CR

CrimeAgency vBulletin Hacks

Medium

Compromise of 140 vBulletin forums in 2016 resulted in 942,044 user records being exposed.

Records exposed
942,044 records
Breach date
Breach Jan 19, 2017
Last update
Updated Mar 21, 2017

What data was exposed?

Fields reported as compromised in this breach record.

Email addressesPasswordsUsernames

Why does this breach matter?

In-depth analysis of the breach and its implications.

In January 2016, numerous forums powered by outdated versions of the vBulletin software were compromised by a malicious actor known as 'CrimeAgency'. In total, 140 forums were impacted, exposing a combined 942,044 records including usernames, email addresses, and passwords hashed primarily using salted MD5. This breach highlighted the critical importance of timely security updates and robust password hashing mechanisms.

Impact Analysis

Understanding the scope and consequences of this breach.

User Impact
Users of affected forums faced risks of credential exposure and potential account takeover.
Business Impact
Forum providers experienced reputational damage and operational disruptions.
Affected Sectors
  • Online Communities
Geographic Impact
  • Global

What You Should Do

Recommended actions to take in response to this breach.

If You Were Affected

  • Ensure passwords are changed immediately on any affected forum.
  • Check for reuse of exposed passwords on other accounts and change them.
  • Monitor accounts for suspicious activity.

Preventive Measures

  • Always employ strong password hashing techniques.
  • Regularly update software to patch known vulnerabilities.
  • Monitor systems for signs of exploitation and unauthorized access.

Frequently Asked Questions

Common questions about this breach and what it means for you.

The breach occurred due to exploitation of unpatched vulnerabilities in vBulletin software.