ShellCodeX Breach Report
Boxee Data Breach
forums.boxee.com
Verified breach
Passwords exposed
Accounts exposed
158,093
Breach date
29 Mar 2014
Added to tracker
30 Mar 2014
Data classes
10
What happened
In March 2014, the home theatre PC software maker Boxee had their forums compromised in an attack. The attackers obtained the entire vBulletin MySQL database and promptly posted it for download on the Boxee forum itself. The data included 160k users, password histories, private messages and a variety of other data exposed across nearly 200 publicly exposed tables.
Exposed data
Dates of birth
Email addresses
Geographic locations
Historical passwords
Instant messenger identities
IP addresses
Passwords
Private messages
User website URLs
Usernames
Recommended actions
- Change your Boxee password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Boxee โ attackers weaponise breach data quickly.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP