OpenWRT Forum User Data Stolen In Weekend Data Breach

The OpenWRT forum, a large community of enthusiasts of alternative, open-source operating systems for routers, announced a data breach over the weekend. Bleeping Computer reports: The attack occurred on Saturday, around 04:00 (GMT), when an unauthorized third party gained admin access to and copied a list with details about forum users and related statistical information. The intruder used the account of an OpenWRT administrator. Although the account had “a good password,” additional security provided by two-factor authentication (2FA) was not active. Email addresses and handles of the forum users have been stolen, the moderators say. They add that they believe the attacker was not able to download the forum database, meaning that passwords should be safe. However, they reset all the passwords on the forum just to be on the safe side and invalidated all the API keys used for project development processes.

Users have to set the new password manually from the login menu by providing their user name and following the “get a new password” instructions. Those logging in using GitHub credentials are advised to reset or refresh it. The OpenWRT forum credentials are separate from the Wiki. Currently, there is no suspicion that the Wiki credentials have been compromised in any way. OpenWRT forum administrators warn that since this breach exposed email addresses, users may become targets of credible phishing attempts.