Comodo, which describes itself as "a global leader in cybersecurity solutions", said its forum has been hacked.
The acceptance came in at least the posting of a forum, which confirmed that one of the hackers took advantage of a recently disclosed security vulnerability on vBulletin, a popular forum program used by Comodo. The bug, which requires a little skill to exploit, allows the attacker to run malicious code remotely on a weak forum. In this case, the exploit was used to completely empty the user database.
An exploitation code was released on September 23. Two days later, vBulletin released patches for the program.
But despite claiming to disclose that it takes "security very seriously" and is a "top priority", the company did not immediately correct its forum program. Four days after the patches were released, her forum was hacked.
According to the disclosure, Comodo said that hackers stole user names, names, and email addresses, as well as the user's last IP address used to access the forum. Some social media handles were also stolen.
Komodo said it had about 245,000 registered users.
This is not the most harmful breach of all time, but it is an addictive security breach of a company that claims to be inappropriate in these matters.
This is Comodo's second security flaw this year after another breach involving a password, which allowed the security researcher to access the company's intranet – and access files and internal documents.