Tens of millions of accounts from the popular forum hosting site, VerticalScope. The site hosts forums on various topics including car, tech, and sports communities. From the stolen database, approximately 45 million accounts of close to 1,100 websites and forums are available. VerticalScope is a Toronto-based company that specializes in hosting sites and forums which are run by some reputable sites including AutoGuide.com, PetGuide.com, and TopHosts.com.
In its blog post explaining the hack, the company wrote that in each of the 45 million accounts which they have at the moment, it showed that they contained an email address, a username, an IP address, a password and in some instances a backup password. LeakedSource also said that the scale of the breach would only be possible if VerticalScope had stored the data on one server or interconnecting servers.
They also noted that passwords were not in stored in a secure way, and only 10 percent used an encryption method to secure their passwords. The firm said that for the remainder of the leaked records, 40 million of them, the encryption which was used was the MD5, which is far from suitable for keeping data safe. LeakedSource also mentioned they were in control of the data from April and had already gone through the process of confirming the information, but they said they had only started analyzing the data now. However, they didn’t mention how the data had found its way into their hands.
The company involved said that they were aware of the possible of a breach, and their internal security team was on it. They also announced they were collecting and gathering up information about the breach so as to give it to the law enforcement agencies and then they could take over the investigation. They didn’t outright confirm the breach, however.
Jerry Orban, Vice President of corporate development, said in an email interview that the breach would have been limited to usernames, user IDs, email addresses, and only the encrypted passwords of users. He said that the company was reviewing their security policies so as not to let something of this magnitude happen again and it was also an answer to the increased security-related incidents.
As of late there have been multiple breaches of a large scale of some of the big social media sites. The breaches have all been disclosed in the past month and include, LinkedIn (167 million), MySpace (360 million), Tumblr (65 million), and Vk (70 million). It is yet unclear who carried out the hack, but one of the LeakedSource group members said that the hack was not in any way related to the MySpace, LinkedIn, and Tumblr hacks.