Cybersecurity company Comodo revealed Tuesday, Oct 1, its discussion board and support forums have suffered from a data breach, potentially exposing the personal information of about 245,000 users.
According to the security notice published by the company, an unknown attacker has exploited a recently disclosed vBulletin 0-day vulnerability, which leads to a potential data breach involving the Comodo Forums database.
“Very recently a new vulnerability in the vBulletin software, which is one of the most popular server applications for website comments including the Comodo Forums, was made public,” the company wrote. “Over the weekend at 4:57 am ET on Sunday, September 29, 2019, we became aware that this security flaw in the vBulletin software had become exploited resulting in a potential data breach on the Comodo Forums.”
The breached database is said to contain names, email address, hashed passwords, IP address, and some social media usernames of nearly 245, 000 users. In an effort to mitigate the exploit and solve the incident, the Comodo IT infrastructure team decided to take down the forums instantly.
“As a precautionary measure, we recommend that forum users should immediately change their passwords and exercise good password practices such as strong random passwords and not share your passwords across different Internet accounts. The account passwords were encrypted in vBulletin for the Comodo Forum users, but a password change is recommended as part of good password practices,” the company added.
The 0-day vulnerability (CVE-2019-16759) is a recently disclosed vulnerability in vBulletin—one of the most popular internet forum software. The disclosure puts over 100, 000 websites powered by vBulletin at risk as the vulnerability could be exploited easily by an unauthenticated attacker.
“We deeply regret any inconvenience or distress this vulnerability may have caused you, our users. As members of our community of Comodo Forum users we want to reassure you that we have put in place measures to ensure that vulnerabilities in third-party software, such as vBulletin, will be patched immediately when patches become available,” Comodo ended.
Founded in 1998, Comodo serves as a global leader in cybersecurity solution. The recent incident comes as Comodo’s second security flaw following another incident that happened in July when a hacker gained access to internal files and documents owned by the company.
To date, the security company operates two forums: the forums.comodo.com and the ITarian Forum. The former is run on the Simple Machines Forum software, while the latter is run on vBulletin.