HTCMania it is one of the forums on mobile more popular in Spanish, with more than one and a half million registered members. Of that total, according to has confirmed the service HaveIBeenPwned , 1.488.089 accounts have seen their data exposed in a security breach produced in an unauthorized attack.
In HaveIBeenPwned have confirmed that the gap occurred on the 4th of Januaryand that left the discovered sensitive data like birth dates, e-mails, user names, IP addresses, and encrypted passwords.
The administration of HTCMania already spoke of “possible unauthorized access” in march
The administrator of HTCMania, Jorgekai, he explained in the forum on march 1, 2020 that there had been a “possible unauthorized access” in the forum”. In the statement, urging to change the password periodically. In Addition, Jorgekai stated that they had met with the Group of Crimes Telematic the Guardia Civil, and were able to verify that the data was filtered. Since the forum highlighted that in the user base, the only sensitive data you handle is the mail log.
However, it stressed that the passwords were not compromised, to be stored encrypted (MD5 with double salt) in the database. That are encrypted does not prevent that may be to decipher, but makes it very unlikely. The administrator also notes that it was not the software of the forum, based on the platform vBulletin, which suffered the attackbut the servers of your service provider.
At the time of learning of the attack, from HTCMania not sent an e-mail to potential affected. According to jorge_kai did not do so because for many years not asked for mail-in registration. To check if your email is in the group of exposed, you can go HaveIBeenPwned and enter yours. If it is, you’ll see a message like the screenshot below.
On the web, along with HTCMania, you are likely to see other large gaps in which you have been involved your email address. For this and other cases, we strongly recommend that you change your passwords, both in HTCMania as on other websites where you used the same password associated to your email address exposed, you use a manager with strong passwords, and that, above all, never repeat in any record.
Disney+ is here: try it free for 7 days. After, 6,99 euros a month or 69,99 euros the annual subscription.
it was originally published in