HardwareZone Forum Users Warned After 685,000-Profile Breach
What Went Wrong?
Recently, a security investigation uncovered that 685,000 user profiles on the HardwareZone (HWZ) Forum were accessed without permission. The breach began back on September 2017 and was flagged following a suspicious post dated February 18, 2018.
How the Hack Happened
The culprit was an unidentified hacker who infiltrated a Senior Moderator’s account. Using those stolen credentials, the attacker mimicked the moderator and pulled names, email addresses, and user IDs—along with any optional data that had been stored. The HWZ database had already scrubbed NRIC numbers, phone numbers, and addresses back in July 2015, keeping it in line with the Personal Data Protection Commission (PDPC) guidelines.
What Users Should Do
- Immediately change your forum password.
- Check other accounts that share the same login details for any unusual activity.
- Watch for phishing attempts that might use the stolen information.
Company Response
SPH Magazines—HWZ’s owner—has taken swift action. A police report has been filed, and the PDPC has been notified. In addition, the company has hired external security consultants to conduct a comprehensive examination of its systems.
In a statement, SPH Magazines expressed sincere apologies: “We sincerely apologize to HWZ users for this security breach. We remain committed to protecting all personal data shared with us,” it read.
Contact Information
For more details, reach out to [email protected].
