ShellCodeX Breach Report
The Kodi Foundation Data Breach
kodi.tv
Verified breach
Passwords exposed
Accounts exposed
400,635
Breach date
16 Feb 2023
Added to tracker
13 Apr 2023
Data classes
7
What happened
In February 2023, The Kodi Foundation suffered a data breach that exposed more than 400k user records. Attributed to an account belonging to "a trusted but currently inactive member of the forum admin team", the breach involved the administrator account creating a database backup that was subsequently downloaded before being sold on a hacking forum. The breach exposed email and IP addresses, usernames, genders and passwords stored as MyBB salted hashes. The Kodi Foundation elected to self-submit impacted email addresses to HIBP.
Exposed data
Browser user agent details
Dates of birth
Email addresses
IP addresses
Passwords
Private messages
Usernames
Recommended actions
- Change your The Kodi Foundation password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing The Kodi Foundation โ attackers weaponise breach data quickly.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP