Patrick Domingues

Comodo, one of the largest SSL Security Certificate Authorities notifies that their vBulletin Forum has been hacked. Comodo Group reported that 170,000 forum users had their data stolen by a hacker who exploited a recently disclosed vulnerability in vBulletin’s internet forum software.

Comodo notifies its forum users

According to the announcement from Comodo, an attacker exploited the vBulletin security flaw on Sunday 11/30/2019; their action resulted “in a potential data breach on the Comodo Forums.”

The Comodo Forum is powered by the open-source Simple Machine Forum software but vBulletin is used on another board dedicated for product updates and discussions, which has far fewer members.

ITarian a Free MSP platform solution. It’s forums, also by Comodo, has 45,300 users and is on vBulletin. They published a similar announcement and the same recommendations.

What was affected?

It was found that the affected data includes forum usernames, names, e-mail addresses, IP addresses from the most recent login, social media usernames, passwords and corresponding salt, security questions and hashed security answers, registration dates, messenger usernames and total time logged in.

Comodo has recommended that forum users change their passwords.

• Tackling Shadow IT: The Unseen Network Security Risk
• How to Spot and Report Cybercrime Effectively
• IT Management Strategies For Startups
• 3 Common Mistakes in IT Operations You Can’t Afford to Make
• How Generative AI Impacts Email Security