OpenWRT, a router operating system development community, recently announced a data breach, and all registered users’ emails may have been stolen.
According to the announcement issued by the forum administrator, on Saturday, around 04:00 (GMT), an unknown user obtained the account authority of the forum administrator and exported user information.
The exported information includes detailed information of all users, such as e-mails and content filled in by other users. At the same time, some statistics of the forum were also stolen.
Fortunately, the user password database does not seem to have been stolen but based on security considerations, the forum directly resets all user accounts and passwords.
Under normal circumstances, even if the password is leaked after enabling multi-factor authentication, it will not cause much danger. However, the administrator of this forum has not enabled multi-factor authentication.
It is also true that the administrator password does not know when it was obtained by the hacker. The hacker directly logs in to the administrator account and exports part of the forum information separately.
The different modules of the OpenWRT forum have been separated, so the administrator account controlled by hackers is basically of little use other than downloading user registration information.
For example, the forum wiki is also separated from the credential server, so it should be safe. The OpenWRT forum stated that there is no evidence that the wiki was compromised.
It should be noted that all API KEYs are automatically invalidated when the user account password is reset. If it is a developer, you need to regenerate the API KEY.
Although only e-mails are leaked, there are still potential security implications. Although the attackers cannot log in to the user’s account directly, they can conduct phishing.
For example, fake official forum emails are sent to registered users in batches to induce users to enter account passwords on the link. If you are a developer, you need to pay attention to safety.
Therefore, when users receive emails from the OpenWRT forum, please be careful to confirm the address, especially if the trustworthiness of some email addresses is extremely poor, please do not click the link.