The credentials of 1 million users of the forum were stolen during this massive data breach.
The Android Forums notification reads: The exploit used has been identified and resolved.
The server is being further hardened and extra just in case actions are being taken.
No other sites in our data pipe appear to have been accessed.
We were able to replay the attack and log the output identifying all accounts compromised.
We have targeted an email, and this notice, to those accounts.
The administrators have reset the passwords of all the compromised accounts that were identified.
The stolen data included hashed passwords, email addresses and salts.
In other words, whoever hacked Android Forums was looking for e-mail addresses to spam at a later time.
Having said this, the attack could have also been done just for kicks.
Currently, investigations are on for the data breach.
The administrators wrote: This could simply be an e-mail harvesting attempt.
This could be someone who is upset with us who hopes to use the information against staff.
They could blackmail us and threaten to publish the information publicly.
They added: Perhaps they were practising on us.
Or, they could be comparing hashes against the previous set to see what has or has not changed.
source: www.techworm.net
