Disney Consumer Products and Interactive Media has confirmed a data breach that affected some users of its Playdom forums.
A spokesperson for the business segment of the Walt Disney Company explains in a statement that security teams detected the incident back in July:
“On July 12, 2016, we became aware that an unauthorized party gained access to the Playdom Forum servers. We immediately began investigating the incident and discovered that on July 9 and July 12, 2016, the unauthorized party acquired certain user information from the playdomforums.com site.”
The actor is believed to have accessed the usernames, email addresses, passwords, and IP addresses of Playdom Forum users.
According to the site’s statistics, there were 356,000 registered users prior to the breach’s discovery.
At this time, it’s unclear how the attacker gained access to Disney’s forum servers. Security researcher Troy Hunt believes the breach might be connected to Playdom’s use of a vulnerable version of forum software vBulletin.
A post on vBulletin’s own forums seems to confirm that point.
A screenshot of the Playdom Forums taken by the Wayback Machine’s internet archiving system. (Source: Naked Security)
In response to the breach, Disney has invalidated all Playdom users’ passwords and notified law enforcement of the incident. The company has also shut down the playdomforums.com website and launched a new forum with “enhanced security measures.”
For users who may have been affected by the breach, Disney offers the following advice:
“If you use the same password on other online accounts, we recommend you set new passwords on those accounts immediately. Internet security experts recommend using different passwords for each account and selecting passwords that are hard to guess. In addition, we will never ask you for personal or account information in an email, so please exercise caution if you receive unsolicited emails that ask for that information.”
It’s important that users create a strong, unique password for each of their web accounts. Doing so will help protect against password reuse attacks, such as the campaigns that recently targeted Carbonite’s users.