Announcement

Collapse
No announcement yet.

Forum data breach?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Forum data breach?

    Got this from my lifelock alerts today.
    I dont recall getting a notification about a data breach from Itarian?


    What We Found

    Activity
    Potential Data Exposure

    Impacted Website
    forum.itarian.com


    Description
    The site forum.itarian.com has been reported in June 2020 to possibly have suffered a data exposure that could include 50,397 records


    Exposed Information
    info_outline


    Email
    *e**i*@smart-mail.net




    Additional Exposed Information
    info_outline


    Username, Password, IP Address-32 Bit




  • #2
    Why no response.

    Comment


    • #3
      No comment from ITarian? That doesn't look too good....

      Comment


      • #4
        Yes, this does not look good.
        The fact they are not responding is unacceptable.
        If they had a breach they are obligated to notify us.
        I dont recall even hearing about this.

        Comment


        • #5
          This is an old news that was already handled and forum alerted in the past. I have no idea why lifelock is doing this now, best to check it with them.

          Comment


          • #6
            Originally posted by melih View Post
            This is an old news that was already handled and forum alerted in the past. I have no idea why lifelock is doing this now, best to check it with them.
            Thanks. I was worried this was another such incident, so happy to hear otherwise.

            Comment


            • #7
              Originally posted by melih View Post
              This is an old news that was already handled and forum alerted in the past. I have no idea why lifelock is doing this now, best to check it with them.

              I did search the site but couldnt find anything, can you point me to the info.


              Comment


              • #8
                Thank you for responding.
                This stuff is very important for us to know and I could not recall seeing anything about it.

                Comment


                • #9
                  Of course. We follow a responsible disclosure guideline.

                  Comment


                  • #10
                    Hello smartcloud @eztech,

                    We had this breach back in June, which was immediately handled, thus there was no harm done to any of our users.

                    The root cause of the problem was about a vulnerability on a specific vBulletin version, and was thus was exploited to exfiltrate some data from the forum. After this happened, we have taken numerous precautions to prevent this in the future. We have moved the forum to a centralized infrastructure which allows us to be aware of vBulletin patches earlier, thus giving us the ability to apply patches almost immediately after they are released.

                    Last few releases of vBulletin (whether it is about security or not) was applied within 6 hours after they were released.

                    We also improved the account security on forum.

                    Some services may pick up these incidents very late, probably Lifelock also has newly alerted for that incident

                    We are again sorry for the inconvenience and guarantee that your accounts are safe.


                    Best regards,
                    Product Management Team

                    Comment


                    • #11
                      @Elif,
                      Thank you for that.
                      Like I said I dont recall seeing anything about it and couldnt find anything when searched the forum.

                      Its important to know since I want to have an answer if a client brings it up.
                      looks really bad if I didnt know that the provider of the security company I suggest they look at had a breach.
                      Always good to prepare for the difficult questions.

                      Lifelock found my info the dark web.

                      Comment

                      Working...
                      X