Approximately 685,000 registered user profiles of HardwareZone (HWZ) were affected by a security breach, HWZ owner SPH Magazines announced in a news release on Tuesday (Feb 20).
The security breach was discovered on Sunday (18 Feb) after they discovered “suspicious posting”.
An investigation revealed that a senior moderator’s account had been hacked, dating back till September 2017, and the hacker had access to user profiles since then.
The hacker, who remains unidentified, had used the compromised account to retrieve user profile data from 685,000 users.
The data included their name, email address and user ID, as well as other optional data fields such as users’ birthdays or preferences.
HWZ, which is widely used for both technology-related news as well as its forums, stated that the NRIC numbers, telephone numbers and home addresses of users were not stolen by the hacker.
HWZ has since urged all forum users to change their forum account password, and has engaged security consultants to review their system software.
It also lodged a police report to track down the currently unidentified hacker/group of hackers, and informed the Personal Data Protection Commission (PDPC).
HWZ ended their statement with an apology:
“SPH Magazines and HWZ sincerely apologise to HWZ users for this breach of security. We remain committed to protecting all personal data shared with us”.