Please see the following
Ethereum Foundation Blog post for full details.
In brief
---
Accounts created before May 2016 have been compromised by access of a forum backup....
The information that was recently accessed is a database backup from April 2016 and contained information about 16.5k forum users.
The leaked information includes
Messages, both public and private
IP-addresses
Username and email addresses
Profile information
Hashed passwords
~13k bcrypt hashes (salted)
~1.5k WordPress-hashes (salted)
~2k accounts without passwords (used federated login)
The attacker self-disclosed that they are the same person/persons who recently hacked Bo Shen.
The attacker used social engineering to gain access to a mobile phone number that allowed them to gain access to other accounts, one of which had access to an old database backup from the forum.
---
Comments
The information that was recently accessed is a database backup from April 2016 and contained information about 16.5k forum users.
The leaked information includes
Messages, both public and private
IP-addresses
Username and email addresses
Profile information
Hashed passwords
~13k bcrypt hashes (salted)
~1.5k WordPress-hashes (salted)
~2k accounts without passwords (used federated login)
The attacker self-disclosed that they are the same person/persons who recently hacked Bo Shen.
The attacker used social engineering to gain access to a mobile phone number that allowed them to gain access to other accounts, one of which had access to an old database backup from the forum.[/quote]
Wow , this sucks, what was the exploit? Was it SIM card related?