All phpBB usernames & passwords have been stolen
I just read here: that all their members user names and passwords have been stolen. Quote:
The attacker was able to steal all email addresses from our mailing list, as well as the password hashes from this board's database. In a reckless act of showmanship, he later posted all this information on a blog.
We urge all our community members to change their passwords as soon as possible. If you have used the same password on any other site, then we strongly recommend changing it there as well.
Most people there own a phpbb message board and it will probably be very easy to link the usernames to their board. Also, because a lot of webmaster use the same passwords on many other websites, including their own forums administrator account this is a huge security risk. Please go ahead and change all your passwords if you were using the phpBB forums!
He posted his 'success' story in his one-page blog
here. A nasty exploit is seems. Hope this will not happen too all of our phpbb forums!
This is not a joke!
