Forum data breach?

Got this from my lifelock alerts today.
I dont recall getting a notification about a data breach from Itarian?

What We Found

Potential Data Exposure

Impacted Website

The site has been reported in June 2020 to possibly have suffered a data exposure that could include 50,397 records

Exposed Information


Additional Exposed Information

Username, Password, IP Address-32 Bit

Why no response.

No comment from ITarian? That doesn’t look too good…

Yes, this does not look good.
The fact they are not responding is unacceptable.
If they had a breach they are obligated to notify us.
I dont recall even hearing about this.

This is an old news that was already handled and forum alerted in the past. I have no idea why lifelock is doing this now, best to check it with them.

Thanks. I was worried this was another such incident, so happy to hear otherwise.

I did search the site but couldnt find anything, can you point me to the info.

Thank you for responding.
This stuff is very important for us to know and I could not recall seeing anything about it.

Of course. We follow a responsible disclosure guideline.

Hello @smartcloud @eztech,

We had this breach back in June, which was immediately handled, thus there was no harm done to any of our users.

The root cause of the problem was about a vulnerability on a specific vBulletin version, and was thus was exploited to exfiltrate some data from the forum. After this happened, we have taken numerous precautions to prevent this in the future. We have moved the forum to a centralized infrastructure which allows us to be aware of vBulletin patches earlier, thus giving us the ability to apply patches almost immediately after they are released.

Last few releases of vBulletin (whether it is about security or not) was applied within 6 hours after they were released.

We also improved the account security on forum.

Some services may pick up these incidents very late, probably Lifelock also has newly alerted for that incident

We are again sorry for the inconvenience and guarantee that your accounts are safe.

Best regards,
Product Management Team

Thank you for that.
Like I said I dont recall seeing anything about it and couldnt find anything when searched the forum.

Its important to know since I want to have an answer if a client brings it up.
looks really bad if I didnt know that the provider of the security company I suggest they look at had a breach.
Always good to prepare for the difficult questions.

Lifelock found my info the dark web.