Forums of German CHIP hacked – more than 2.4M subscribers

The forum from the German publication CHIP has been hacked, the site has sent an email to their subscribers. In the e-mail the owners report that an unauthorized third party gained access to the administration of the CHIP bulletin board. During the investigating the forum is read only and CHIP has hired independent forensic experts to investigate the incident.

myce-chip-hacked-message

So far they are unsure whether any personal information has been taken, as the CHIP writes, “we are uncertain at this point, whether user data was taken. This notification is a precaution for your protection. It cannot be ruled out that email addresses and encrypted passwords (so called password hashes) were taken. The attacker could attempt to use the hashes to decrypt weak passwords.”

Apparently they are afraid also other parts of the site are affected, as they write, “therefore we urge all users of download.chip.eu to change their passwords immediately. If you are a user of forum.chip.de, you have to change your passwords once the login is activated again.”

The forum runs on the popular forum software Vbulletin, like the Club Myce Forums for which several vulnerabilities exist, especially when many plugins are used.

CHIP is a large German website and magazine, their forums have more than 2.4 million members and over 10 million posts. According to Wikipedia the site is visited by 66 million users per month. The name CHIP is also used in fourteen other countries in Europe and Asia.