
Cybersecurity giant Comodo can’t even keep its own website secure

Comodo, which bills itself as a “global leader in cybersecurity solutions,” said its forum was hacked.

The admission came in no less than a forum post, which confirmed a hacker exploited a recently disclosed vulnerability in vBulletin, a popular forum software that Comodo uses on its site. The flaw, which requires little skill to exploit, allows an attacker to remotely run malicious code on a vulnerable forum. In this case, the exploit was used to dump the entire user database.

Exploit code was released on September 23, but patches were released two days later on September 25.

But despite claiming in its disclosure that it takes “security very seriously” and that security is its “highest priority,” the company didn’t immediately patch its forum software. Four days later, its forum was hacked.

According to the disclosure, Comodo said the hackers stole usernames, names and email addresses, and the last IP address used to access the forum. Some social media handles were also stolen in the breach.

Comodo said it has about 245,000 registered forum users.

It’s not the most damaging breach on record but it’s a bruising security lapse for a company that claims to be half-decent at this stuff.

It’s Comodo’s second security snafu this year after another breach involving an exposed password, which allowed a security researcher access to the company’s intranet — and access to internal files and documents.
