Kodi, the open source home theater software developer, has announced that it is rebuilding its user forum after suffering a data breach in February. The breach was disclosed last week after a hacker advertised a dump of the MyBB software on underground forums. The data of 400,000 Kodi users, including on the now-defunct BreachForums cybercrime website, was offered. The attackers compromised the account of an inactive administrator and accessed the web-based MyBB admin console on February 16 and 21. All passwords and private user data, including information shared via the user-to-user messaging system, should be considered compromised, the company said. Kodi is hardening access to the MyBB admin console, revising admin roles, and improving audit logging and backup to improve security. The forum had over 400,000 members. Kodi is sharing the compromised email addresses with the Have I Been Pwned breach disclosure website and will send email notifications to all users once the new forum server is up and running.
To mitigate these potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net
Source: Securityweek