400,000 Users Hit by Data Breach at Media Player Maker Kodi

Open source home theater software developer Kodi this week announced that it has started rebuilding its user forum following a February 2023 data breach. The incident was disclosed last week, after a threat actor started advertising on underground forums a dump of Kodi’s user forum (MyBB) software. The hacker offered the data of 400,000 Kodi users, including on the now-defunct BreachForums cybercrime website.  The attackers compromised the account of an inactive administrator and accessed the web-based MyBB admin console on February 16 and 21, creating database backups and downloading existing nightly full backups. “The nightly full backups that were downloaded expose all public forum posts, all team forum posts, all messages sent through the user-to-user messaging system, and user data including forum username, email address used for notifications, and an encrypted (hashed and salted) password generated by the MyBB (v1.8.27) software,” Kodi said last week. All passwords, the software maker said, should be considered compromised, the same as user private data, including the information shared via the user-to-user messaging system. The admin team was working on performing a global password reset, Kodi said last week. On Tuesday, Kodi announced that it was working on commissioning a new forum server, an operation that was initially planned before discovering the incident. “We have chosen to redeploy the forum on the latest version of MyBB software. This requires us to extract and review all differences between the latest MyBB release and the fork we maintain, which includes numerous functional changes and backported security fixes,” Kodi announced this week.

https://www.securityweek.com/400000-users-hit-by-data-breach-at-media-player-maker-kodi/