December 4, 2016

TechRadar’s user database stolen

(LiveHacking.Com) – Following the break-in at LinkedIn, popular British technology site TechRadar.com has sent an email to its users informing them of a security breach. According to the email, user details including username, email address, date-of-birth and encrypted passwords have been stolen. It looks as if the hackers managed to breach the site via the forums. The email goes on to explain, “the forums have been closed and will remain closed until we are satisfied that there are no further issues and the forum can be safely restored to service.”

The biggest danger is not that the hackers have your password to the TechRadar site, but rather that if you use the same password on any other websites. If so, then you need change these passwords immediately. The situation was the same when LinkedIn was breached but with the added twist that user data on LinkedIn was also potentially more valuable.

As always the email contained the normal platitudes, “our IT team launched an investigation immediately and has identified the cause of the problem and taken action to rectify it.” and “we take the security of your data extremely seriously and we apologize for any inconvenience caused.”

It seems that the break-in was discovered by TechRadar itself or that it was reported privately as there doesn’t yet seem to be any news of the database being posted publicly as was in the case of LinkedIn.

The TechRadar email mentions that the passwords were “encrypted”, however there are no details on what level of encryption was used or if they were salted. The problem with the LinkedIn breach was that the passwords were stored as hashes without salt. This meant that hackers were able to decrypt a large portion of the passwords very quickly.

TechRadar says it will contact its users again shortly with instructions on how to update passwords.

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks