- The leaked information includes forum usernames, email addresses, IP addresses, and passwords stored in MD5 phpBB3 format.
- Upon learning about the incident, the company took down its forums and is currently working on securing the flaw that exposed the data.
What’s the matter?
XKCD forum suffered a data breach in July 2019 and the compromised data has been added to Have I Been Pwned website.
The big picture
Security researcher Adam Davies provided the data exposed in the XKCD forum data breach to Have I Been Pwned on September 1, 2019.
- The leaked information includes forum usernames, email addresses, IP addresses, and passwords stored in MD5 phpBB3 format.
- This incident has impacted nearly 562000 members.
The data breach is alleged to have been caused due to a flaw in the open-source phpBB message board software.
What was the response?
Upon learning about the incident, the company took down its forums and is currently working on securing the flaw that exposed the data.
“The xkcd forums are currently offline. We've been alerted that portions of the PHPBB user table from our forums showed up in a leaked data collection. We’ve taken the forums offline until we can go over them and make sure they're secure,” XKCD said.
Publisher
/https://cystory-images.s3.amazonaws.com/shutterstock_766044058.jpg)
/https://cystory-images.s3.amazonaws.com/shutterstock_498380503.jpg)
