Comodo Breach Exposes Account Login Info For Up To 245,000 Users
The hacked Comodo database contained information on forum users, including login username, actual name, e-mail address, hashed passwords, last IP used to access the forums, and social media usernames in limited situations.
Cybersecurity vendor Comodo said this week that the account login information of up to 245,000 users registered to comment on the Comodo Forums has been exposed.
The Clifton, N.J.-based company said an unknown attacker exploited the zero-day vBulletin software vulnerability and potentially breached the Comodo Forums database. vBulletin is one of the most popular server applications for website comments, Comodo said.
Comodo said it became aware of the potential data breach on Sept. 29, four days after vBulletin released a patch to address the newly discovered vulnerability. But Comodo didn't apply the recommended patches until after the security flaw had already been exploited.
[Related: Comodo Cybersecurity Debuts Partner Program In Channel-Only Push]
"We have put in place measures to ensure that vulnerabilities in third-party software, such as vBulletin, will be patched immediately when patches become available," the company wrote in a security notice posted late Monday. Comodo didn't immediately respond to a request for additional comment from CRN.
The hacked database contains information on users of the forum, including login username, actual name, e-mail address, hashed passwords, last IP used to access the forums, and some social media usernames in very limited situations. Comodo said that all user passwords in the database were encrypted.
Comodo said its forums currently have approximately 245,000 registered users. Immediately after detecting the intrusion, Comodo said its IT infrastructure team took the forums offline in hopes of mitigating the exploit.
At that same time, Comodo applied the recommended security patches. The company also temporarily disabled the registration for new users on the affected forums.
Comodo recommends that anyone registered on its forums on or before Sept. 29 immediately change their passwords. The company urged users to select strong random passwords, and not share their passwords across different internet accounts.
"We deeply regret any inconvenience or distress this vulnerability may have caused you, our users," Comodo said in its security notice.