This is an important message about your account.
We take your security and privacy very seriously. Very recently, our security team discovered sophisticated attacks on our network, involving the illegal access of forum user information, possibly including your password. Our investigation currently indicates that the attackers accessed customer IDs and encrypted passwords on our systems. We have taken the precaution of resetting your account password. We apologize for any inconvenience this has caused but felt that it was necessary to help protect you and your account.

To regain access to your account:

Visit the vBulletin forums at http://www.vbulletin.org/forum/profile.php?do=editpassword
Enter in your existing password followed by your new password, twice for confirmation.
Save this page at the bottom.

Please choose a new password and do not use the same password you used with us previously. We also highly recommend that you choose a password that you are not using on any other sites.

If you have any additional questions or concerns, please feel free to contact our support team at http://www.vbulletin.com/go/techsupport or [email protected].

Sincerely,

Wayne Luke,
vBulletin Lead Technical Support.
Helping You Build Better Communities,

Or dis;
http://mattgarner.net/uploads/Important_Message_Regarding_Your_Account__INBOX_20 131116_181445.png

Me & xxMATTGxx; got one, vBulletin's taking a turn for the worse...

Thread moved by Nick (Forum Super Moderator): From 'Designing & Development' as it is more suited here.

Oh dear. Am surprised to see this from them!

MacRumours was hacked the other day as well.

MacRumours was hacked the other day as well.

Surprised other forums haven't been targeted, can think of loads that have thousands of members. Shame though at how it's increasing attacks and to have top security is so expensive and there's always a way to get around it with loopholes etc.

Surprised other forums haven't been targeted, can think of loads that have thousands of members. Shame though at how it's increasing attacks and to have top security is so expensive and there's always a way to get around it with loopholes etc.

Because they aren't all the same attacks.

Because they aren't all the same attacks.

Mhm, just a shame though and frustrating not only for the management but users. :(

woah crap!!!

GoldenMerc;


Given our analysis of the evidence provided by the Inject0r team, we do not believe that they have uncovered a 0-day vulnerability in vBulletin.

These hackers were able to compromise an insecure system that was used for testing vBulletin mobile applications. The best defense against potential compromises is to keep your system running on the very latest patch release of the software.

Regards,
Wayne Luke.

http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4007719-regarding-claims-of-new-0-day-exploits-in-vbulletin

GoldenMerc;



http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4007719-regarding-claims-of-new-0-day-exploits-in-vbulletin

Thing I like with vBulletin, they put up their hands when they are in the wrong. They do need to step up

Surprised other forums haven't been targeted, can think of loads that have thousands of members. Shame though at how it's increasing attacks and to have top security is so expensive and there's always a way to get around it with loopholes etc.

While probably not the case here, half the time the loophole they use isn't a security flaw anyway's but a person.

All these accounts getting hacked tend to be commonly social engineered hacks where people have tricked someone into giving information, visiting a link etc. Problem is security isn't perfect anyway's but add human errors to the mix and you get problems.

Do they mean customers that have forums registered with Vbulletin, or individual accounts within a vBulletin site.

Do they mean customers that have forums registered with Vbulletin, or individual accounts within a vBulletin site.

The forum that is actually hosted on Vbulletin.com and .org. Not vbulletin forums that customers have hosted on their own sites (example: habboxforum)

The forum that is actually hosted on Vbulletin.com and .org. Not vbulletin forums that customers have hosted on their own sites (example: habboxforum)

No it was the site, members details were leaked etc