{"id":8592,"date":"2025-02-16T05:36:31","date_gmt":"2025-02-16T04:36:31","guid":{"rendered":"https:\/\/wsj-crypto.com\/?p=8592"},"modified":"2025-02-16T05:36:31","modified_gmt":"2025-02-16T04:36:31","slug":"ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database","status":"publish","type":"post","link":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/","title":{"rendered":"Ethical Hacking Alert: Breach Uncovered in Ethereum.org Forum&#8217;s Database"},"content":{"rendered":"<p><\/p>\n<div id=\"\">\n<p class=\"chakra-text css-gi02ar\">On December 16, we became informed that an individual or group had recently obtained unauthorized access to a database from <!-- --><a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-ug8vf0\" href=\"http:\/\/forum.ethereum.org\/\">forum.ethereum.org<!-- --><\/a>. We promptly initiated a comprehensive investigation to ascertain the source, character, and extent of this occurrence. Here is what we have discovered:<!-- --><\/p>\n<p><!-- --><\/p>\n<ul role=\"list\" class=\"css-1onhfjo\">\n<li class=\"css-cvpopp\">The data that was recently accessed is a backup of the database from April 2016, containing details about 16.5k forum users.<!-- --><\/li>\n<li class=\"css-cvpopp\">The information that was disclosed includes<br \/>\n<!-- --><\/p>\n<ul role=\"list\" class=\"css-1onhfjo\">\n<li class=\"css-cvpopp\">Messages, both public and private<!-- --><\/li>\n<li class=\"css-cvpopp\">IP addresses<!-- --><\/li>\n<li class=\"css-cvpopp\">Usernames and email addresses<!-- --><\/li>\n<li class=\"css-cvpopp\">Profile details<!-- --><\/li>\n<li class=\"css-cvpopp\">Hashed passwords<br \/>\n<!-- --><\/p>\n<ul role=\"list\" class=\"css-1onhfjo\">\n<li class=\"css-cvpopp\">~13k bcrypt hashes (salted)<!-- --><\/li>\n<li class=\"css-cvpopp\">~1.5k WordPress hashes (salted)<!-- --><\/li>\n<li class=\"css-cvpopp\">~2k accounts lacking passwords (utilized federated login)<!-- --><\/li>\n<\/ul>\n<p><!-- --><\/li>\n<\/ul>\n<p><!-- --><\/li>\n<li class=\"css-cvpopp\">The perpetrator disclosed that they are the same individual or individuals who <!-- --><a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-ug8vf0\" href=\"http:\/\/www.coindesk.com\/hackers-stole-300k-blockchain-investor\/\">recently breached Bo Shen<!-- --><\/a>.<!-- --><\/li>\n<li class=\"css-cvpopp\"><span style=\"font-weight:400\">The attacker employed social manipulation to access a mobile phone number, enabling them to infiltrate other accounts, one of which granted access to an older database backup from the forum.<!-- --><\/span><\/li>\n<\/ul>\n<p>We are implementing the following measures:<br \/>\n<!-- --><\/p>\n<ul role=\"list\" class=\"css-1onhfjo\">\n<li class=\"css-cvpopp\">Users of the forum whose data may have been affected by the breach will receive an email with more information.<!-- --><\/li>\n<li class=\"css-cvpopp\">We have secured the unauthorized access points involved in the breach.<!-- --><\/li>\n<li class=\"css-cvpopp\">We are applying more stringent security protocols internally, such as eliminating recovery phone numbers from accounts and utilizing encryption for sensitive information.<!-- --><\/li>\n<li class=\"css-cvpopp\">We will be supplying the email addresses that we believe were compromised to <!-- --><a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-ug8vf0\" href=\"https:\/\/haveibeenpwned.com\">https:\/\/haveibeenpwned.com<!-- --><\/a>, a service designed to connect with affected users.<!-- --><\/li>\n<li class=\"css-cvpopp\">We will be resetting all forum passwords, effective immediately.<!-- --><\/li>\n<\/ul>\n<p>If you were impacted by the breach, we suggest you take the following actions:<br \/>\n<!-- --><\/p>\n<ul role=\"list\" class=\"css-1onhfjo\">\n<li class=\"css-cvpopp\">Ensure that your passwords are not duplicated across different services. If you have reused your forum.ethereum.org password elsewhere, please change it in those locations.<!-- --><\/li>\n<\/ul>\n<p>In addition, we recommend <!-- --><a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-ug8vf0\" href=\"http:\/\/blog.kraken.com\/post\/153209105847\/security-advisory-mobile-phones\">this informative blog post by Kraken<!-- --><\/a> that offers valuable advice on how to safeguard against these types of breaches.<br \/>\n<!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">We sincerely apologize for this incident and are diligently working both internally and with external partners to rectify the situation.<!-- --><\/p>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">Inquiries can be directed to <!-- --><a class=\"chakra-link css-ug8vf0\" href=\"https:\/\/blog.ethereum.org\/en\/2016\/12\/19\/mailto:security@ethereum.org\">security@ethereum.org<!-- --><\/a>.<!-- --><\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/blog.ethereum.org\/en\/2016\/12\/19\/security-alert-12192016-ethereum-org-forums-database-compromised\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>On December 16, we became informed that an individual or group had recently obtained unauthorized access to a database from forum.ethereum.org. We promptly initiated a comprehensive investigation to ascertain the source, character, and extent of this occurrence. Here is what we have discovered: The data that was recently accessed is a backup of the database<\/p>\n","protected":false},"author":3,"featured_media":8282,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23],"tags":[1306],"class_list":["post-8592","post","type-post","status-publish","format-standard","has-post-thumbnail","category-ethereum","tag-return-a-list-of-comma-separated-tags-from-this-title-security-alert-12-19-2016-ethereum-org-forums-database-compromised"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Ethical Hacking Alert: Breach Uncovered in Ethereum.org Forum&#039;s Database - WSJ-Crypto<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/\" \/>\n<meta property=\"og:locale\" content=\"it_IT\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ethical Hacking Alert: Breach Uncovered in Ethereum.org Forum&#039;s Database - WSJ-Crypto\" \/>\n<meta property=\"og:description\" content=\"On December 16, we became informed that an individual or group had recently obtained unauthorized access to a database from forum.ethereum.org. We promptly initiated a comprehensive investigation to ascertain the source, character, and extent of this occurrence. Here is what we have discovered: The data that was recently accessed is a backup of the database\" \/>\n<meta property=\"og:url\" content=\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/\" \/>\n<meta property=\"og:site_name\" content=\"WSJ-Crypto\" \/>\n<meta property=\"article:published_time\" content=\"2025-02-16T04:36:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"2100\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"wsjcrypto\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Scritto da\" \/>\n\t<meta name=\"twitter:data1\" content=\"wsjcrypto\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tempo di lettura stimato\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minuti\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/\",\"url\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/\",\"name\":\"Ethical Hacking Alert: Breach Uncovered in Ethereum.org Forum's Database - WSJ-Crypto\",\"isPartOf\":{\"@id\":\"https:\/\/wsj-crypto.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg\",\"datePublished\":\"2025-02-16T04:36:31+00:00\",\"author\":{\"@id\":\"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7\"},\"breadcrumb\":{\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/#breadcrumb\"},\"inLanguage\":\"it-IT\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/#primaryimage\",\"url\":\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg\",\"contentUrl\":\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg\",\"width\":2100,\"height\":900},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/wsj-crypto.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Ethical Hacking Alert: Breach Uncovered in Ethereum.org Forum&#8217;s Database\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/wsj-crypto.com\/#website\",\"url\":\"https:\/\/wsj-crypto.com\/\",\"name\":\"WSJ-Crypto\",\"description\":\"Just Another Crypto News Website\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/wsj-crypto.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"it-IT\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7\",\"name\":\"wsjcrypto\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/wsj-crypto.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g\",\"caption\":\"wsjcrypto\"},\"url\":\"https:\/\/wsj-crypto.com\/index.php\/author\/wsjcrypto\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Ethical Hacking Alert: Breach Uncovered in Ethereum.org Forum's Database - WSJ-Crypto","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/","og_locale":"it_IT","og_type":"article","og_title":"Ethical Hacking Alert: Breach Uncovered in Ethereum.org Forum's Database - WSJ-Crypto","og_description":"On December 16, we became informed that an individual or group had recently obtained unauthorized access to a database from forum.ethereum.org. We promptly initiated a comprehensive investigation to ascertain the source, character, and extent of this occurrence. Here is what we have discovered: The data that was recently accessed is a backup of the database","og_url":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/","og_site_name":"WSJ-Crypto","article_published_time":"2025-02-16T04:36:31+00:00","og_image":[{"width":2100,"height":900,"url":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg","type":"image\/jpeg"}],"author":"wsjcrypto","twitter_card":"summary_large_image","twitter_misc":{"Scritto da":"wsjcrypto","Tempo di lettura stimato":"2 minuti"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/","url":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/","name":"Ethical Hacking Alert: Breach Uncovered in Ethereum.org Forum's Database - WSJ-Crypto","isPartOf":{"@id":"https:\/\/wsj-crypto.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/#primaryimage"},"image":{"@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/#primaryimage"},"thumbnailUrl":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg","datePublished":"2025-02-16T04:36:31+00:00","author":{"@id":"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7"},"breadcrumb":{"@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/#breadcrumb"},"inLanguage":"it-IT","potentialAction":[{"@type":"ReadAction","target":["https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/"]}]},{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/#primaryimage","url":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg","contentUrl":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg","width":2100,"height":900},{"@type":"BreadcrumbList","@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/16\/ethical-hacking-alert-breach-uncovered-in-ethereum-org-forums-database\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/wsj-crypto.com\/"},{"@type":"ListItem","position":2,"name":"Ethical Hacking Alert: Breach Uncovered in Ethereum.org Forum&#8217;s Database"}]},{"@type":"WebSite","@id":"https:\/\/wsj-crypto.com\/#website","url":"https:\/\/wsj-crypto.com\/","name":"WSJ-Crypto","description":"Just Another Crypto News Website","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/wsj-crypto.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"it-IT"},{"@type":"Person","@id":"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7","name":"wsjcrypto","image":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/wsj-crypto.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g","caption":"wsjcrypto"},"url":"https:\/\/wsj-crypto.com\/index.php\/author\/wsjcrypto\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts\/8592","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/comments?post=8592"}],"version-history":[{"count":2,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts\/8592\/revisions"}],"predecessor-version":[{"id":8594,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts\/8592\/revisions\/8594"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/media\/8282"}],"wp:attachment":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/media?parent=8592"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/categories?post=8592"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/tags?post=8592"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}