xkcd data breach hacking

XKCD—leak of issues most pop webcomic chopine recognized for its geeky tech humor and different science-laden comedian strips along romance, satire, maths, and linguistic communication—has suffered a information breach exposing information of its assembly customers.



Issues safety breach occurred 2 months agone, in response to safety investigator Ilium Search who alerted issues firm of issues incidental, with unknown hackers stealing round 562,000 usernames, netmail and IP addresses, equally good equally hashed passwords.



Nonetheless, issues leaked information was really found past safety investigator and information psychoanalyst Go Davies, who divided a re-create of it with Search.



Astatine issues clock of writing, XKCD has interpreted downwards its assembly and posted a small verbum along its homepage, equally divided downstairs, urging its customers to modify their passwords instantly.








"Issues xkcd boards ar presently offline. We have been alerted that parts of issues PHPBB exploiter tabular array from our boards confirmed upward inwards a leaked information assortment. Issues information contains usernames, netmail addresses, salted, hashed passwords, and inwards some instances, an IP deal with from issues clock of registration."




"We have interpreted issues boards offline till we tin go across them and do well they'ra safe. In case you'ra an echochamber.maine/xkcd boards exploiter, you need to instantly modify your password for whatsoever different accounts along which you worn issues self surgery an analogous password."



Issues assembly directors ar too notifying unnatural customers through netmail.

Web Application Firewall


Equally talked about, XKCD makes use of phpBB, a free and open-source assembly and bulletin board package reinforced inwards issues PHP scheduling package.



Nonetheless, astatine this minute it is unclear if XKCD was utilizing an elder model of issues assembly package tender to a safety defect surgery issues attackers used whatsoever antecedently unexplored defect inwards phpBB to extract issues information unauthorisedly.



Likewise this, fifty-fifty if XKCD was track across phpBB model 3.one and later, which makes use of more than safe BCRYPT hashing algorithm, it is doable that issues passwords for betimes customers of issues XKCD assembly have been encrypted through issues elder, lower safe MD5 hashing technique.



Obs you tin do at present: unnatural customers ar powerfully suggested to instantly modify their XKCD password, equally good equally passwords for whatsoever different on-line accounts which re-use issues self password.



Created inwards 2005 past American writer Randall Munroe, XKCD is a pop webcomic that focuses along tech, scientific discipline, and net civilisation, with its topic thing varies from statements along life and fancy to numerical, scheduling, and scientific in-jokes.



Have got one thing to say around this story? Remark downstairs surgery percentage it with america along Facebook, Twitter surgery our LinkedIn Group.