Sports blog jocks to crypto-cash nerds – here's who got pwned

Ethereum, Bleacher Report spill beans on security breaches

Two more websites say they have had user accounts sniffed by hackers.

Sports blog network Bleacher Report says that someone may have accessed a database containing user email addresses and passwords, while blockchain development site Ethereum says that a hacker managed to get hold of a database backup that contained the account information and hashed passwords of its forum users.

Both sites have reset all user passwords in response.

Bleacher Report says in a notice [PDF] that its breach came in early November, when someone was able to access the database containing the user names, email addresses, and passwords for both the Bleacher Report website and mobile application.

No payment card information was exposed. The company, which has been owned by media giant Turner Broadcasting since 2012, said it has reported the incident to law enforcement.

Meanwhile, Ethereum says that a hacker who recently laid claim to a $300,000 breach at another crypto-currency site has obtained an old backup of its user forum database. That backup contains the user names, email addresses, messaging history and salted passwords for about 16,500 users.

Ethereum said the hacker, who was also connected to an attack on investor Bo Shen, used social engineering to get access to a forum backup made in April of this year.

"We deeply regret that this incident occurred and are working diligently internally, as well as with external partners, to address the incident," Ethereum said.

In addition to changing Ethereum forum passwords, the site recommends users check and change accounts for other services that use the same password. ®

Sponsored: Becoming a Pragmatic Security Leader

Biting the hand that feeds IT © 1998–2019