Hackers steal personal data of almost 200,000 GTA fans
Fan site hit by data breach after forums compromised
The personal data of nearly 200,000 Grand Theft Auto (GTA) fans is for sale on hacking forums, after a fan site for the game was hacked.
Last month, hackers breached the forums of GTAgaming.com, which provides news, information and discussion about the series, and gained access to email and IP addresses, dates of birth and hashed passwords.
The data was discovered by security researcher and breach expert Troy Hunt, who found it being traded on a now-defunct hacking forum and contacted Motherboard.
When contacted, site administrator Shawn Harkin told Motherboard that white he knew his website had been breached, he had no idea that users' personal details had been stolen.
"I was aware of a hack and had already been reversing the damage, but it was not until your email that I had heard that any data had actually been obtained," he told Motherboard. However, he was quick to note that the number of affected users may be much smaller than initially thought.
He pointed out that a substantial proportion of the 197,000 affected accounts are made up of banned accounts, spambots and inactive accounts created as early as 2003.
The hackers broke into the site by exploiting flaws in the vBulletin forum software, but Harkin has now taken action against this. "We have now closed the forums permanently, and any accounts not updated within the next couple weeks will be deleted from the database," a post alerting users to the breach read.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"We will be moving the account database into a more secure authentication system, removing all trace of the vBulletin forum software, and until then will be keeping a close eye to prevent any further compromises."
Users will be prompted to reset their passwords the next time they log in, and any passwords not updated will shortly be force-reset.
Adam Shepherd has been a technology journalist since 2015, covering everything from cloud storage and security, to smartphones and servers. Over the course of his career, he’s seen the spread of 5G, the growing ubiquity of wireless devices, and the start of the connected revolution. He’s also been to more trade shows and technology conferences than he cares to count.
Adam is an avid follower of the latest hardware innovations, and he is never happier than when tinkering with complex network configurations, or exploring a new Linux distro. He was also previously a co-host on the ITPro Podcast, where he was often found ranting about his love of strange gadgets, his disdain for Windows Mobile, and everything in between.
You can find Adam tweeting about enterprise technology (or more often bad jokes) @AdamShepherUK.