The Kodi Foundation – the operators behind the highly successful open-source media-streaming app – has disclosed that it has suffered a data breach.

Investigations have determined that an inactive staff account was twice used to gain unauthorised access to the back-end database which powers the forum.

By gaining access to the staff member's admin dashboard, the threat actors downloaded copies of the organization’s MyBB forum database, which contains user data and private messages, and have offered it for sale online.

Currently, if you try to access the forum, you are greeted with a message to all users.

Kodi Forum security breach announcement

In a notice posted on the 8th April, Team Kodi announced:

“The nightly full backups that were downloaded expose all public forum posts, all team forum posts, all messages sent through the user-to-user messaging system, and user data including forum username, email address used for notifications, and an encrypted (hashed and salted) password generated by the MyBB (v1.8.27) software.”

New forum coming soon

In the breach notification, Team Kodi say that they were already planning to migrate the forum to new servers and that the breach has now forced them to bring those plans forward. As such, the forum remains offline until the new system is up and running.

Check your details

As with all cases like this, the advice is to assume any passwords are now compromised and, as a matter of course, to change any existing Kodi credentials to new ones.

For those who might be wondering if their credentials have been swept up in this latest breach – the affected accounts are being uploaded to Have I Been Pwned, so users are also advised to check on that site to see if their details are included.