Forum of the media center software Kodi hacked
The forum of the free media center software Kodi has been hacked. Anyone who is registered in the forum must reckon with the fact that their data has been compromised. In the meantime, a tool is available that can be used to check whether one’s own data is among the stolen.
Passwords and other personal data
Compromising the data stored in Kodi’s forum is extremely problematic, as the attackers had access not only to names and mail addresses, but also to the passwords used. If the password used at Kodi is also used elsewhere in combination with the mail address stored there, it is theoretically possible for attackers to retrieve and abuse these accounts as well. This could cause much more damage than in the Kodi forum itself.
The forum operators state that the passwords are only stored in protected form. However, it is unclear which hashing method is used for this, so that effective protection should not be assumed.
The forum itself is currently still offline. It was stated that the reconstruction after the attack could take a few more days. The reason given for this is that a changeover to the latest software is taking place in the course of the relaunch. According to initial information, there are no indications that the forum system was compromised in the course of the attack. It was also announced that all passwords will be reset. Anyone registered on the forum will therefore be prompted to set a new password the next time they try to log in.
Am I affected?
Those who are registered in the Kodi forum and now fear for their deposited data can meanwhile easily find out if they are among those stolen. The affected data set has meanwhile been uploaded to the Haveibeenpwned? portal. By entering one’s own mail address, it is possible to check whether one’s own data is in the data set.
Gehört zum Inventar