[BreachExchange] Comodo Breach Exposes Account Login Info For Up To 245, 000 Users

Destry Winant destry at riskbasedsecurity.com
Thu Oct 3 01:55:33 EDT 2019


https://www.crn.com/news/security/comodo-breach-exposes-account-login-info-for-up-to-245-000-users

Cybersecurity vendor Comodo said this week that the account login
information of up to 245,000 users registered to comment on the Comodo
Forums has been exposed.

The Clifton, N.J.-based company said an unknown attacker exploited the
zero-day vBulletin software vulnerability and potentially breached the
Comodo Forums database. vBulletin is one of the most popular server
applications for website comments, Comodo said.

Comodo said it became aware of the potential data breach on Sept. 29,
four days after vBulletin released a patch to address the newly
discovered vulnerability. But Comodo didn't apply the recommended
patches until after the security flaw had already been exploited.

"We have put in place measures to ensure that vulnerabilities in
third-party software, such as vBulletin, will be patched immediately
when patches become available," the company wrote in a security notice
posted late Monday. Comodo didn't immediately respond to a request for
additional comment from CRN.

The hacked database contains information on users of the forum,
including login username, actual name, e-mail address, hashed
passwords, last IP used to access the forums, and some social media
usernames in very limited situations. Comodo said that all user
passwords in the database were encrypted.

Comodo said its forums currently have approximately 245,000 registered
users. Immediately after detecting the intrusion, Comodo said its IT
infrastructure team took the forums offline in hopes of mitigating the
exploit.

At that same time, Comodo applied the recommended security patches.
The company also temporarily disabled the registration for new users
on the affected forums.

Comodo recommends that anyone registered on its forums on or before
Sept. 29 immediately change their passwords. The company urged users
to select strong random passwords, and not share their passwords
across different internet accounts.

"We deeply regret any inconvenience or distress this vulnerability may
have caused you, our users," Comodo said in its security notice.


More information about the BreachExchange mailing list