uTorrent is urging all forum users to change their passwords after an attacker gained access to one of its forum databases through its software vendor.
The torrent client uTorrent was acquired by BitTorrent Inc. back in 2006. Its developer team operates an IP.Board forum where users can contact one another and read announcements. That forum runs in a cloud-based app offered by Invision Power Services, a web community vendor that provides eCommerce, content management, and other services.
On Tuesday, the administrators of uTorrent announced an intrusion into the site’s forum:
“On June 6th, 2016, BitTorrent was made aware of a security issue involving the vendor which powers our forums. The vulnerability appears to have been through one of the vendor’s other clients, however it allowed attackers to access some information on other accounts.”
According to the security advisory, after attackers downloaded a list of the forum’s users, which contains more than 385,000 registered accounts, Invision Power Services made some backend changes to make sure no one could abuse the forum’s password hashes as a viable attack vector.
uTorrent is also working with Invision Power Services to determine whether attackers gained access to any additional information.
In the meantime, security researcher Troy Hunt has obtained access to the stolen forum database and posted it to his Have I Been Pwned data breach notification service. That file contains 34,000 uTorrent users’ email addresses, IP addresses, and salted SHA-1 password hashes.
Users can search for their information on Hunt’s service. They should also follow uTorrent’s advice and change their passwords as soon as possible:
“As a precaution, we are advising our users to change their passwords. While the passwords may not be used as a vector on the forums, those hashed passwords should be considered compromised. Anyone using the same password for forums as well as other places is strongly advised to update their passwords and/or practice good personal security practices.”