14 DAY TRIAL // Data belonging to 2.5 million members of two gaming forums hacked in 2015 has found its way to the surface.
Back in 2015, two gaming forums were breached, namely XBOX360 ISO and PSP ISO, both helping gamers gain access to illegal copies of Xbox and PlayStation games, as their names suggest.
According to information currently available, PSP ISO was breached in September 2015, and almost 1.3 million accounts were exposed along with email and IP addresses, as well as password hashes. The Xbox 360 ISO forum was also breached around the same period of time, exposing 1.2 million accounts, complete with the same type of data - email, IP address, password hashes.
Of course, it remains unclear just who is behind the entire hack, as it often happens. Regardless, the information is now online, so users of these particular forums are advised to secure their email accounts and be highly vigilant about phishing schemes and other cyber-attacks.
Furthermore, changing their passwords is also advisable. It is well known that most people reuse their passwords, which would make the life easier for hackers given the fact that they can simply go and try out the same or a simple variation to the password users had on the two aforementioned forums.
Unprotected data
The fact that the data is just now surfacing indicates that hackers have probably already exploited the information or the data has suddenly lost its value as people changed their passwords and can no longer be easily hacked. Given how long it has passed since the data breach was made public, we’re pretty certain that most users have already taken some precautions.
Troy Hunt, founder of Have I Been Pwned, a site where you can enter your email address and verify if it appears on any of the lists of dumped data, states that none of the information was encrypted. “They both used hashes (which is not encryption!) to store passwords, but they used a very weak algorithm which would render the cryptographic protection near useless,” he told us over email.