ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

vBulletin Data Breach

vbulletin.com
Limited exposure
Verified breach Passwords exposed
Accounts exposed 518,966
Breach date 03 Nov 2015
Added to tracker 24 Jan 2016
Data classes 9

What happened

In November 2015, the forum software maker vBulletin suffered a serious data breach. The attack lead to the release of both forum user and customer accounts totalling almost 519k records. The breach included email addresses, birth dates, security questions and answers for customers and salted hashes of passwords for both sources.

Exposed data

Dates of birth Email addresses Homepage URLs Instant messenger identities IP addresses Passwords Security questions and answers Spoken languages Website activity

Recommended actions

  • Change your vBulletin password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing vBulletin โ€” attackers weaponise breach data quickly.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP