Kodi confirms data breach: hackers steal 400K user records and private messages

Kodi, a company that provides open-source media player software, recently confirmed a data breach. According to the company, hackers accessed its MyBB forum database, which contained user data and private messages. The cybercriminals then attempted to sell the data, which included 400,635 user records, on a defunct cybercrime marketplace. The attackers used the account of an inactive forum admin member to access the web-based MyBB admin console twice in February. They then created database backups, which they downloaded and deleted, as well as existing nightly full backups of the database. Kodi says there is no evidence that the hackers gained unauthorized access to the underlying server hosting the MyBB software. Nevertheless, the company is initiating a global password reset, taking down the Kodi forum, and commissioning a new server to redeploy the forum on the latest version of MyBB software. Kodi is also implementing additional security measures such as hardening access to the MyBB admin console and improving audit logging and backup processes.