Cyber Incident Victim: Web Hosting Talk
Date: Jul 2016
Location: United States of America
Summary
A hacker using the alias "uid0" stole approximately 1.4 million user credentials from multiple online forums, including Web Hosting Talk, by breaching their parent company. The compromised data consisted of email addresses and passwords stored as salted MD5 hashes, a weak algorithm for password storage, and was subsequently offered for sale on a dark web marketplace for roughly 7.2 Bitcoin. Analysis by a breach notification service found that around 60% of the hashed passwords were cracked within two hours because of the outdated hashing method. The incident affected users across several affiliated platforms, exposing reused credentials to significant risk of unauthorized access.
Description
On July 4, 2016, hackers breached the media company Penton, compromising databases from multiple online forums including Web Hosting Talk, Mac Forums, HotScripts.com, dbForums, and A Best Web. The attackers exfiltrated over 1.4 million user records containing email addresses, usernames, and password hashes. The breach remained undisclosed until October 2025, when an individual using the alias "uid0" advertised the stolen databases for sale on the dark web marketplace The Real Deal. The seller priced the combined datasets at 7.2 bitcoin (approximately $4,752 USD based on contemporaneous exchange rates). Security researchers at LeakedSource, a data breach notification service, independently confirmed the intrusion and identified Penton as the common corporate owner of all affected platforms. The compromised credentials affected 1,442,602 unique user accounts across the five forums.

LeakedSource publicly disclosed the incident on October 7, 2025, noting that passwords were protected using salted MD5 hashing, a method considered outdated for password storage and vulnerable to rapid cracking. The service reported cracking approximately 60% of the stolen password hashes within two hours of computational analysis. While the exact timeline of the breach's discovery by Penton remained unspecified in available records, the exposure placed forum users at significant risk of credential-stuffing attacks due to the prevalence of password reuse across online services. The datasets' appearance on underground markets enabled malicious actors to exploit the cracked credentials for unauthorized account access. No information regarding containment measures implemented by Penton or the affected forums was documented in the source material.
