In mid-July last year the Epic Games forum had been hacked, leaving thousands of users compromised. Now, just over a year later, history has repeated itself, this time though, over 800,000 logins have been stolen. Records of private messages, email addresses and more were also taken in the attack according to reports.
In an official statement, Epic Games explained that the Unreal Engine and Unreal Tournament forums were specifically targeted this time around and while no passwords were taken, other bits of info were affected.
The hackers managed to break in by exploiting an SQL injection vulnerability in the vBulletin CMS. This problem is fixed in newer versions of vBulletin but the Epic forums were running on an outdated version. The attack itself took place on the 11th of August and for the time being, the affected forums have been put into maintenance mode.
KitGuru Says: This is the second time the Epic Games forum has been compromised in recent memory, which isn’t great news for users of the site. Hopefully something can be done to boost security after this.