Kodi, the popular open-source media player and streaming suite, has recently disclosed a data breach that occurred in February, 2023. Hackers gained unauthorized access to the organization’s MyBB forum database, which contained user data and private messages, and attempted to sell it online.
The breach affected approximately 400,000 members who used the forum to discuss media streaming, exchange tips, offer support, share new add-ons, and more in 3 million posts.
Details shared by Kodi
According to Kodi’s announcement, hackers exploited the credentials of an inactive staff member to log into the MyBB admin console. They accessed the admin panel twice on February 16 and 21, 2023, and created and downloaded multiple database backups. They also downloaded existing nightly full backups of the database.
The stolen database contained various data types, including:
- All public forum posts
- Staff forum posts
- Private messages sent between users
- Forum member data such as usernames, email addresses, and encrypted (hashed and salted) passwords generated by the MyBB software.
Kodi has warned that all passwords should be considered compromised. The company has advised users to assume that their forum credentials and any private data shared with other users through the user-to-user messaging system have been compromised. Additionally, users who have used the same username and password on other sites have been urged to change their passwords on those sites as well.
In response to the breach, Kodi’s admin team is planning a global password reset, which may impact service availability. The company is also commissioning a new forum server and redeploying the forum using the latest available MyBB version. This comes with a heavy workload required to incorporate custom functional changes and backport security fixes, so a delay of “several days” is to be expected.
Kodi has also shared a list of exposed email addresses associated with forum accounts with the Have I Been Pwned data breach notification service. Users can check if their email address has been compromised by visiting https://haveibeenpwned.com/
The company has apologized for the inconvenience caused by the breach and thanked its users for their patience and understanding. Kodi has also promised to provide more updates on the situation as soon as possible.
Finding the attack on Kodi
The breach was disclosed after cyberintelligence company KELA informed BleepingComputer that the ‘Kodi Community Forum’ database was being sold in February on the now defunct Breached hacking forum. The hacker was asking for $500 for the database.
Kodi is not the only organization that has suffered a data breach involving its MyBB forum database. In March 2023, hackers stole and leaked online the MyBB forum database of Nitro Type, an online racing game with over 40 million users. The database contained user data such as usernames, email addresses, hashed passwords, IP addresses, game stats, and more.
Data breaches are becoming more common and more damaging as hackers target online platforms that store large amounts of user data. Users should always use strong and unique passwords for each site they visit and enable two-factor authentication whenever possible. Users should also monitor their online accounts for any suspicious activity and report any incidents to the relevant authorities.
Keep in touch with our blog to read the latest news and innovations in the cybersecurity world.
Facebook: Eagle Tech Corp
LinkedIn: Eagle Tech
YouTube: Eagle Tech Corp