The HardwareZone (HWZ) Forum website was recently hit by a security breach, affecting approximately 685,000 user profiles, said the site’s owner SPH Magazines said in a news release recently.
According to the news release, a suspicious post had prompted an investigation to ascertain whether a security breach had indeed occurred.
Following investigations, it was eventually revealed that a senior moderator’s account had been compromised by an unidentified hacker. The hacker then used this account to access the user profiles since September 2017.
“By using the compromised credentials from the hacked account to impersonate the senior moderator, the hacker managed to retrieve user profile data which comprised name, email address and user ID, and possible optional data fields,” said SPH Magazines.
Advised to change their forum account password
Fortunately, it added that the database of the online tech portal did not contain NRIC numbers, telephone numbers and addresses as these had been purged in line with the Personal Data Protection Commission (PDPC) guidelines in July 2015.
As a matter of precaution, forum users were advised to change their forum account password, SPH Magazines said, adding that it has also engaged security consultants to conduct “a thorough review of the system”.
A police report has been lodged and PDPC has been informed, SPH Magazines said.
SPH Magazines and HWZ has since sincerely apologised to HWZ users for this breach of security.
“Users can rest assured that we remain committed to protecting all personal data shared with us,” the release added.