WebHostingTalk.com, DBForums.com, ABestWeb.com, Mac-Forums.com, and HotScripts.com may of been hacked on July 4th, 2016. The data that was allegedly hacked includes: username, email address, password, IP address, private messages, and birthday data.
LeakedSource.com is reporting that the data that was hacked include passwords that were hashed using MD5 with salts. The salts were reportedly available in the database. The top password that was revealed by LeakedSource is “123456” followed by a few others that appear to be spam accounts that may of been created by bots. The most frequent email domains that were used to registered on WebHostingTalk.com includes gmail.com, yahoo.com, hotmail.com, outlook.com, and aol.com as popular choices.
If you have a user account at one of the Penton (owners of iNet Interactive now) sites listed above. You can go to LeakedSource.com to check for free to see if your account was compromised. It is highly recommended if you have any accounts with any of the Penton owned sites that you should change their passwords IMMEDIATELY. If the password that you used on any of the Penton sites were used on any other sites. You SHOULD IMMEDIATELY go change those passwords.
The WebHostingTalk.com database is available for sale for around $2000 dollars. The parties that may of had breached the security of the sites mentioned above are now reportedly selling the databases on the dark web. Which is accessible by the .onion domain name which requires the use of the Tor network to access. There are reports that the security breach on several of the Penton sites were due to either the usage of old software to a possible 0day exploit for vBulletin may of caused the breach.
Penton has not release any official statement concerning this security breach. A WebHostingTalk community moderator has made a post confirming that there may of been unauthorized access and a third party forensics team is working with them to figure out what happened. The WebHostingTalk community moderator states that they would provide more information once they have it and that they have implemented security measures over the last 82 hours. This would not be the first security breach, back in 2009 WebHostingTalk was also hacked and users private data was also compromised. In 2009 the data that was compromised included advertiser’s credit card data.