ShellCodeX Breach Report
CrimeAgency vBulletin Hacks Data Breach
Verified breach
Sensitive
Passwords exposed
Accounts exposed
942,044
Breach date
19 Jan 2017
Added to tracker
21 Mar 2017
Data classes
3
What happened
In January 2016, a large number of unpatched vBulletin forums were compromised by an actor known as "CrimeAgency". A total of 140 forums had data including usernames, email addresses and passwords (predominantly stored as salted MD5 hashes), extracted and then distributed. Refer to the complete list of the forums for further information on which sites were impacted.
Exposed data
Email addresses
Passwords
Usernames
Recommended actions
- Change your CrimeAgency vBulletin Hacks password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing CrimeAgency vBulletin Hacks โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP