Kodi, the provider of open-source media player software, has confirmed a security breach in which cyber attackers obtained the company's MyBB forum database containing private messages and user information of 400,000 users. The identity of the attackers remains unknown, and they attempted to monetize the information on the now-defunct BreachForums cybercrime marketplace.
The breach occurred when a trusted member of the forum admin team had their account used to gain access to the web-based MyBB admin console twice in February: on 16 February and again on 21 February. The account was then used to create and download database backups, including pre-existing nightly full-backups. There is no indication that unauthorized individuals accessed the server hosting the MyBB software. The rightful owner of the account did not engage in any malicious activity through the admin console, suggesting that their login credentials may have been stolen.
The breached information includes public forum posts, team forum posts, user-to-user messages, forum usernames, email addresses used for notifications, and encrypted passwords generated by MyBB software with hashing and salting techniques.
To prevent future incidents, Kodi is implementing additional security measures such as strengthening access to the MyBB admin console, limiting admin role privileges, and enhancing audit logging and backup procedures. They also announced a global password reset as a precautionary measure.
As a Kodi user, there are steps you can take to protect yourself, such as avoiding password reuse and creating unique and robust passwords for each account. Enable two-factor authentication whenever possible to add an extra layer of security. Always be wary of suspicious emails or messages that may contain phishing or malware attacks, and never click on links or download attachments from unknown sources.
For additional protection, consider Armoryze's managed detection and response service. Armoryze offers 24/7 threat monitoring and incident response services to detect and respond to security threats before they cause damage. Armoryze's services can help protect your organization against data breaches and cyber attacks. Schedule a free consultation to learn more about how Armoryze can help secure your business.