Earlier this week, the uTorrent team, which is part of BitTorrent Inc, was notified of the issue by one of their vendors. While the vulnerability didn’t originate at the uTorrent forums, it was indirectly compromised. Hackers were able to get the whole user database. The company announced the hack in an important security advisory on its forum as below: “On June 6th, 2016, BitTorrent was made aware of a security issue involving the vendor which powers our forums. The vulnerability is believed to be originated at one of its vendors, who alerted the BitTorrent team about the issue earlier this week. The vulnerability appears to have been through one of the vendor’s other clients, however it allowed attackers to access some information on other accounts. As a result, attackers were able to download a list of our forum users. We are investigating further to learn if any other information was accessed. Our vendor has made backend changes so that the hashes in the file do not appear to be a usable attack vector. As a precaution, we are advising our users to change their passwords. While the passwords may not be used as a vector on the forums, those hashed passwords should be considered compromised. Anyone using the same password for forums as well as other places is strongly advised to update their passwords and/or practice good personal security practices.” The company has not confirmed the number of accounts compromised and data stolen in this hack. If you are the user of ?Torrent and have the account on ?Torrent Forums, you should change your Forums password now. Further, if you use the same passwords for other websites, you must change the passwords of all other websites.
