Another day, yet another vBulletin break-in. Making off with potentially thousands of passwords… this time it’s Overclockers Australia forum.

Possible Security Issue (ya think?)

Just got this via email…

We’re still investigating what happened.  However, it is very likely that your OCAU password has been compromised.  Therefore please change your OCAU password as soon as possible.

Also, if you use the same password elsewhere, you should probably change those as well.  However, please be aware that using the same password on multiple services is a bad idea.

While there probably isn’t anything lower you can do than to hack a community forum, hopefully the fact that vBulletin now store passwords MD5′d and Hashed will add a level of security to prevent a stolen User table being brute-forced easily.

Still, it’s a timely reminder to only give out access to those you trust, and if possible, lock down database access to only a handful of site engineers & developers.

UPDATE:

Holy shit! Looks like Whirlpool was hit too.

*craps pants*

*cries*