Phandroid’s Android Forum Hacked, One Million Usernames And Passwords Stolen

Phandroid on Friday announced that its popular Android Forums website was hacked using a popular exploit. The security breach allowed hackers to steal 1,034,235 usernames, e-mail addresses, hashed passwords and registered IP addresses along with less critical forum information.

User accounts have been reset, and Phandroid users can access their accounts once again by visiting the UserCP section or clicking on “Forgot your password?”

If you are currently using the same email and password combination on other sites, it is recommended that you change that password to avoid further hacking attempts and the theft of your personal information.

The team at Phandroid explained how the hack occurred in a post titled “Important Notice – Security Breach”:

  • The exploit used has been identified and resolved. The server has been further hardened and extra “just in case” actions have been taken.. and will continue to be taken.
  • All code that resides in the database and the file system has been thoroughly reviewed for malicious edits and uploads.
  • No other sites in our network appear to have been accessed (we’re triple checking).
  • The user table of AndroidForum’s database was (at a minimum) accessed. While we can’t prove or disprove whether or not the data was downloaded (due to the way the data was transferred), it’s completely possible.. and we’ve taken action assuming this is the case.
  • Information in the user database includes: Unique ids, usernames, emails, hashed (encoded) passwords, registration IP addresses, usergroup memberships, infraction levels, last time online, last post date, post count… as well as far less critical things like number of PMs, visitor messages, last online dates, and some vbulletin options set in your UserCP.
  • Immediately following the incident, all ~100 staff were notified of a pending password change – and all passwords were changed to random strings. Almost all are back in with new passwords. Because gaining access to a staff member account could pose the biggest threat, we first moved to secure these accounts.

Phandroid isn’t the only website to be attacked this week. Another attempt lifted 400,000+ usernames and passwords from the Yahoo! Voices platform, and the social network Formspring also watched as thousands of accounts were compromised.