Phandroid’s Android Forums has suffered a security breach: user data such as usernames, passwords, IP addresses and emails, as well as other less sensitive information, has been accessed.
If you have an account there, you are advised to change your info, and if you used the same info, such as login or username, elsewhere, go change that too! Proceed as fast as possible to the UserCP or go to Forgot Your Password to rectify the situation.
The exploit used has been identified and resolved. The server has been further hardened and extra “just in case” actions have been taken… and will continue to be taken.
All code that resides in the database and the file system has been thoroughly reviewed for malicious edits and uploads.
No other sites in our network appear to have been accessed (we’re triple checking).
The user table of AndroidForum’s database was (at a minimum) accessed. While we can’t prove or disprove whether or not the data was downloaded (due to the way the data was transferred), it’s completely possible… and we’ve taken action assuming this is the case.
Information in the user database includes: Unique ids, usernames, emails, hashed (encoded) passwords, registration IP addresses, usergroup memberships, infraction levels, last time online, last post date, post count… as well as far less critical things like number of PMs, visitor messages, last online dates, and some vBulletin options set in your UserCP.
Immediately following the incident, all ~100 staff were notified of a pending password change – and all passwords were changed to random strings. Almost all are back in with new passwords. Because gaining access to a staff member account could pose the biggest threat, we first moved to secure these accounts.
He has also updated his post with the following concerning users of the Phandroid App:
I forgot to mention. If you are using the Android Applications – they will not register the password change and may flood your email with “someone has tried to access your account” emails. Unfortunately the only advice I have for that is to uninstall/re-install the app, if you cannot change your password from within.