Cyber Incident Victim: MacGeneration
Date: Feb 2022
Location: France
Summary
MacGeneration experienced a cybersecurity breach where attackers exploited a vulnerability in a third-party module to infiltrate its infrastructure and access the database server. The intrusion was detected following phishing attempts targeting staff, prompting an immediate audit, security enhancements, and deactivation of compromised systems. Data from 102,262 member accounts was exposed, including pseudonyms and email addresses in plaintext, though passwords were protected via salted SHA-512 hashing. The organization notified affected users, reported the incident to data protection authorities and breach-tracking services, and initiated legal procedures while continuing to investigate the attack's full impact.
Description
In early February 2022, MacGeneration experienced a significant cybersecurity incident when attackers exploited a vulnerability in a third-party module to infiltrate its infrastructure and gain access to its database server. The intrusion was discovered following phishing attempts targeting the organization’s journalists and developers, prompting an immediate comprehensive audit of all servers. Security measures were rapidly implemented to neutralize the compromised servers used by the attackers. Prior to the breach, MacGeneration had proactively deleted a portion of long-inactive user accounts, though data from 102,262 active and inactive member accounts was exfiltrated. The compromised information included usernames and email addresses stored in plain text, while passwords were protected using SHA-512 hashing with salting. The attack’s motivation remained unclear, with MacGeneration assessing the potential consequences as likely limited despite the scale of data exposure.

MacGeneration’s response included direct email notifications to all active members—defined as those who had logged in at least once within the preceding twelve months—alongside a public disclosure on their platform. The organization advised users to either delete unused accounts or change passwords for active ones. They formally reported the incident to Have I Been Pwned? to facilitate password manager alerts and notified the French data protection authority (Cnil) in compliance with regulatory obligations. Plans were announced to file a legal complaint in the coming days. Accounts with invalid email addresses or suspected spam associations were flagged for gradual deletion as part of ongoing data minimization efforts. MacGeneration issued a public apology for the breach while continuing to investigate the attack’s full ramifications, maintaining openness to additional inquiries from affected parties.
