685,000 Accounts Compromised in HardwareZone Forum Data Breach Drew Wilson | February 20, 2018 There’s been another data breach to report. This time, the HardwareZone forum is the latest victim. A large web forum based in Singapore is now the latest target of a data breach. According to Channel News Asia, a senior moderator had his account compromised. The attackers were able to gain access to the online profiles of approximately 685,000 accounts from there. The incident has been reported to the police as well. From the report: “The hacker used the compromised credentials to impersonate the senior moderator to retrieve user profile data which comprised name, email address and user ID, and possible optional data fields,” said SPH Magazines. It added that the database of the online tech portal did not contain NRIC numbers, telephone numbers and addresses as these had been purged in line with the Personal Data Protection Commission (PDPC) guidelines in July 2015. As a matter of precaution, forum users were advised to change their forum account password, SPH Magazines said, adding that it has also engaged security consultants to conduct “a thorough review of the system”. “SPH Magazines and HWZ sincerely apologise to HWZ users for this breach of security. We remain committed to protecting all personal data shared with us,” the release added. The news comes after what has been a relatively quiet month for large data breaches. Earlier this month, FedEx has 119,000 account compromised. Still, the largest breach we’ve noted so far this month is the Swisscom data breach where approximately 800,000 customers had their information compromised. The good news is that the breach itself may not necessarily contain highly sensitive information. However, hackers may be able to use passwords and test them on more sensitive related accounts. This is because some users have a tendency of re-using passwords for other accounts around the web. So, even though this breach in and of itself may be a smaller breach, it highlights the importance of using different passwords for different online services. Drew Wilson on Twitter: @icecube85 and Google+.