ZoneAlarm, the flagship brand of security company Check Point, was the victim of a data breach in the course of which hackers were able to gain unauthorized access to one of its web forums.
Once on the web forum, the hackers were able to obtain the names, email addresses, encrypted passwords, and dates of birth of nearly 4.500 business customers.
Although neither ZoneAlarm nor Checkpoint publicly announced the breach, ZoneAlarm sent emails to the relevant subscribers and urged them to immediately change the passwords for their forum account, which reads as follows:
"The website has been made inactive to fix the problem and will resume as soon as it is corrected. You will be asked to reset your password once you have joined the forum. ZonaAlarm is conducting a thorough investigation of the incident site, serious business. "
VBulletin vulnerability
According to The Hacker News, which first revealed that the ZoneAlarm web forum had been breached, the attackers exploited a known critical vulnerability in the vBulletin forum software to gain unauthorized access to the security company's website.
ZoneAlarm had not updated its vBulletin software and its forum was still using version 5.4.4 at the time of the breach. Unfortunately, this release contains a "zero-day" vulnerability that hackers recently exploited to hack into the Comodo forum, where they were able to access the login information of 245,000 of its users.
Security vulnerabilities in the vBulletin forum software were also exploited earlier this year when the retro gambling website Emuparadise was breached by hackers who compromised email addresses, usernames, word passwords and IP addresses of 1,2 , XNUMX million user accounts.
The ZoneAlarm breach is another reminder for companies that fixing their software should be a priority, unless they wish to be the victim of a similar data breach.
Via law