OpenWRT Forum User Data Stolen In Weekend Data Breach

The OpenWRT forum, a large community of enthusiasts of alternative, open-source operating systems for routers, announced a data breach over the weekend. Bleeping Computer reports: The attack occurred on Saturday, around 04:00 (GMT), when an unauthorized third party gained admin access to and copied a list with details about forum users and related statistical information. The intruder used the account of an OpenWRT administrator. Although the account had "a good password," additional security provided by two-factor authentication (2FA) was not active. Email addresses and handles of the forum users have been stolen, the moderators say. They add that they believe the attacker was not able to download the forum database, meaning that passwords should be safe. However, they reset all the passwords on the forum just to be on the safe side and invalidated all the API keys used for project development processes.

Users have to set the new password manually from the login menu by providing their user name and following the "get a new password" instructions. Those logging in using GitHub credentials are advised to reset or refresh it. The OpenWRT forum credentials are separate from the Wiki. Currently, there is no suspicion that the Wiki credentials have been compromised in any way. OpenWRT forum administrators warn that since this breach exposed email addresses, users may become targets of credible phishing attempts.

This can't be good.

[calibre97]

Right?

Re:

[wuulfgar]

There was a time that within 30 seconds of a post, there'd be 100s of comments. Even with everyone home due to quarantines, this is just weird. A ghost town. OpenWRT is kinda a big deal, innit?

Re:

[Sebby]

I don't think all /. viewers necessarily see the most recent stories at the same time now. I've noticed that there seems to be a delay between when a story first goes up, and the time there's votes and inflow of comments.

Re:

[Jerry Coffin]

If only we could find somebody with a user number low enough to remember those ancient times....

Re:

[timelorde]

Seems like just yesterday to me. Ancient times is more like posting something to comp.sys.next.advocacy, and waiting days for replies to trickle in.

Re:

[OrangeTide]

good grief.

Re:

[eagle52997]

It was good, I think it pushed companies to make their own web portals more responsive and feature rich. It might still be useful for extending the life of older routers, but I haven't used it for a few years now.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Rockoon]

One would presume that people smart enough to use OpenWrt would be smart enough to not use the same password on multiple sites.

I guess you just cant expect the forum site administrators for people smart enough to use OpenWRT to be that smart, eh?

Re:

[GameboyRMH]

I'd hate it if my username and email address were publicly exposed!

Re:

[drinkypoo]

It's not good, but it's not that bad. I for one have my email address all over the place and promote openwrt regularly, so I am no more a phishing target than I was last week.

Email notification to change password

[felixrising]

Oh good, I just got an email from them asking me to update my password, let me just click through and do that real quick....

can't login

[crispi]

just tried to login. Failed. Just tried to reset my password. They say my account does not exist.

Maybe they've restored to an old backup?

I can always tell when this happens...

[bobjr94]

Normally wake up to 2-4 junk mails, then one day I will have 40+. A few days later get an email or notification that my email address was found in a recent data breach from a website. The spammers love fresh email lists, they don't care about the data breach really, they just download and use or sell the newly found email addresses.