Hackers have stolen around 45 million accounts data from VerticalScope. It is a Canadian media company that runs over 1,100 support forums and community websites on home, tech and sports. It put millions of data on risk.
According to LeakedSource
Verticalscope.com and all of their domains were hacked in February of 2016 but it is coming to light only now. Popular domains such as Techsupportforum.com, MobileCampsites.com, Pbnation.com and Motorcycle.com were among the sites that were affected by the breach. However, the data stolen does not appear to have been put up for sale on the dark web, as of now.
This data set contains nearly 45 million records from over 1100 websites and communities. Each record may contain
- Email address
- IP address
- Password (In some cases a second password also)
LeakedSource added this data set on April 27th 2016 but they analysed it now.
It is also likely that VerticalScope.com stored all of their data on interconnected or even the same servers as there is no other way to explain a theft on such a large scale.
Passwords were stored in various encryption methods but less than 10% of the domains which account for a very small amount of leaked records used difficult to break encryption (less than a couple of million). Most of the records (over 40 million) were just MD5 with salting and this is insufficient.”
VerticalScope.com acknowledged the hack, without confirming it outright, adding that it was currently investigating the breach. However the company is yet to make any public announcements in relation to the hack.
Jerry Orban, vice-president of corporate development said in an email that
We believe that any potential breach is limited to usernames, user IDs, email addresses, and encrypted passwords of our users. In addition, we are reviewing our security policies and practices and in response to increased Internet awareness of security-related incidents, including potential incidents on our communities, we are implementing security changes related to our forum password strength and password expiration policies across certain forum communities.
A LeakedSource group member said it was “not related” to the recent hacks against MySpace, LinkedIn, and Tumblr.
Subscribe for latest hacking updates