In the past week hackers managed to infiltrate no fewer than four major websites, and while users of three of these four sites only have to worry about more spam in their inbox and potentially someone else posting forum messages on their behalf, the users of Bitcoinica have taken some serious financial losses.
The bitcoin bank was hacked back in May, and according to this forum post the site’s operators have apparently failed to patch things up properly since then. Long story short, $40,000 and another 40K bitcoins fell into the hands of the perpetrators, a total of about 350K US. HackANGLE editor Kyt Dotson wrote about the incident earlier today in much greater detail.
The second most notable security breach was that of Phandroid’s Android Forums, which has over one million registered users. An admin promptly posted a lengthy description of the incident on the forums, and by the looks of it the hackers were gunning for the one million email addresses that the site stores. Phandroid did a much better job of handling the issue than Bitcoinica, however: users were alerted to change their passwords immediately after the incident.
Hackers managed to sneak their way into more than just one major board in the past seven days. Nvidia’s forums were also compromised, and the next day 35,000 emails and the associated passwords were pulled from Billabong.com. The popular retailer stored this data in plaintext rather than in an encrypted format.
“A post on CodePaste.net claimed 20,000 to 35,000 user names and corresponding passwords were retrieved in the hack of billabong.com. But the post included only 1,435 plaintext user credentials and didn’t explain the discrepancy. Australia-based Billabong provides the accounts to customers to make frequent online purchasing more easy. The post also included what it claimed were user names and hashed passwords for MySQL accounts used to administer the site.