Open-source media player software provider, Kodi, has announced a data breach after hackers stole the company’s MyBB forum database, including private messages and user data. The breach was carried out by an unknown group of threat actors who then attempted to sell the stolen data on the now-defunct BreachForums cybercrime marketplace.
Admin Account Breached
Kodi reported that the MyBB admin console was accessed twice, on 16th and 21st February, via the account of an inactive member of the forum admin team. The account was used to create and download database backups, including the nightly full backups of the database, which contained public forum posts, team forum posts, user-to-user messages, and user information like forum username, email addresses, and encrypted passwords.
Kodi assured its users that there is no evidence that the threat actors gained unauthorized access to the underlying server hosting the MyBB software. However, the legitimate account owner did not perform any malicious actions on the admin console, suggesting that the account was compromised due to credential theft.
Password Reset Recommended
Kodi maintains that it is currently working on initiating a global password reset out of an abundance of caution. The company also recommends that users change their passwords on other sites if they have used the same password as their Kodi account.
Conclusion
The data breach incident at Kodi highlights the increasing sophistication of cyberattacks and the need for companies to maintain the security of their user data. It also underlines the importance of having strong and unique passwords to prevent unauthorized access to user accounts. Users should take the recommended measures to protect their personal information and privacy online.
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he is a certified: CISSP, CISA, CISM, ITIL, COBIT and PRINCE2, but his wide set of knowledge and technical management capabilities go beyond these certifications. He likes acquiring new skills on penetration testing, cloud technologies, virtualization, network security, IoT and many more.
