Yes, this does not look good.
The fact they are not responding is unacceptable.
If they had a breach they are obligated to notify us.
I dont recall even hearing about this.
We had this breach back in June, which was immediately handled, thus there was no harm done to any of our users.
The root cause of the problem was about a vulnerability on a specific vBulletin version, and was thus was exploited to exfiltrate some data from the forum. After this happened, we have taken numerous precautions to prevent this in the future. We have moved the forum to a centralized infrastructure which allows us to be aware of vBulletin patches earlier, thus giving us the ability to apply patches almost immediately after they are released.
Last few releases of vBulletin (whether it is about security or not) was applied within 6 hours after they were released.
We also improved the account security on forum.
Some services may pick up these incidents very late, probably Lifelock also has newly alerted for that incident
We are again sorry for the inconvenience and guarantee that your accounts are safe.
@Elif,
Thank you for that.
Like I said I dont recall seeing anything about it and couldnt find anything when searched the forum.
Its important to know since I want to have an answer if a client brings it up.
looks really bad if I didnt know that the provider of the security company I suggest they look at had a breach.
Always good to prepare for the difficult questions.