Kodi confirms data breach involving user records and private messages
Popular open-source media player software company, Kodi has confirmed that it suffered a data breach after cybercriminals stole the company's MyBB forum database containing user data and private messages.
"MyBB admin logs show the account of a trusted but currently inactive member of the forum admin team was used to access the web-based MyBB admin console twice: on 16 February and again on 21 February. The account was used to create database backups which were then downloaded and deleted," Kodi said in a statement also adding that the nightly full-backups of the database were also downloaded.
The account owner has confirmed they did not access the admin console to perform the said actions.
While there is no evidence that the malicious actors accessed the underlying server that hosts the MyBB software, Kodi cautions that the breach exposed sensitive information such as messages sent through the user-to-user messaging system, forum usernames, email addresses, and passwords generated by the MyBB software.
These passwords were encrypted, but Kodi has advised users to assume that the passwords have been compromised and take steps to change the username and password if they have reused them on any other account.
On its part, Kodi has taken down the MyBB server as it explores how best to perform a global password reset and how best to assure the integrity of the server host and associated software.
Users will be updated once the server is back online and given instructions on how to reset their accounts.
Also, as an extra precaution, Kodi will redeploy the forum on the latest version of MyBB software. This will be reinforced with further hardening of the MyBB admin console to restrict access. It’s not an easy process and the company estimates it may take a few more days to complete.
The company has said it will also be sharing exposed email address data with the breach disclosure website haveibeenpwned to increase awareness.