Has a new Android security issue been discovered? Should you begin panicking and start worrying about what vital information those evil hackers may have leached from your phone? Fortunately, that isn’t the case… well, at least if you’re not on the Phandroid Android forums. Otherwise, it may be time to change your password.
Phandroidrevealed yesterday that their Android Forums website was hacked:
“I have some unfortunate news to pass along. Yesterday I was informed by our sever/developer team that the server hosting androidforums.com was compromised and the website’s database was accessed. While the breach is most likely harmless there are important and potential pitfalls, and we want to provide as much helpful information to our users as possible (without getting too technical).
“The trust of our users is extremely important and several staff members worked through the afternoon, evening, night, and morning to ensure we’re doing everything possible to regain complete security.”
According to reports, this was accomplished via a known exploit. The forum administrator shared the following facts regarding the security breach:
- The exploit used has been identified and resolved. The server has been further hardened and extra “just in case” actions have been taken.. and will continue to be taken.
- All code that resides in the database and the file system has been thoroughly reviewed for malicious edits and uploads.
- No other sites in our network appear to have been accessed (we’re triple checking).
- The user table of AndroidForum’s database was (at a minimum) accessed. While we can’t prove or disprove whether or not the data was downloaded (due to the way the data was transferred), it’s completely possible.. and we’ve taken action assuming this is the case.
- Information in the user database includes: Unique ids, usernames, emails, hashed (encoded) passwords, registration IP addresses, usergroup memberships, infraction levels, last time online, last post date, post count… as well as far less critical things like number of PMs, visitor messages, last online dates, and some vbulletin options set in your UserCP.
- Immediately following the incident, all ~100 staff were notified of a pending password change – and all passwords to were changed to random strings. Almost all are back in with new passwords. Because gaining access to a staff member account could pose the biggest threat, we first moved to secure these accounts.
The Phandroid Android forums currently has over 1 million members. if you are one of them, it may be a good idea to change your log-in details. You can do this by accessing the UserCP or using the Forgot Password function of the site. While there may not be any important information on your Phandroid account, if you’re the type of person who uses the same details on other websites you access, it might be a good idea to go in and change your log-in details there as well.
Phandroid believes that whoever hacked the website was probably planning to do an “e-mail harvest.” Or someone just had a lot of free time on their hands. Either way, the guys at Phandroid are still looking into the issue.
Do you use the same log-in credentials on multiple websites? What safety precautions do you take?