Cyber Incident Victim: Mac Forums

On or around July 4, 2016, hackers breached the media company Penton, compromising databases for multiple online forums including Mac Forums, Web Hosting Talk, HotScripts.com, dbForums, and A Best Web. The attackers exfiltrated approximately 1.4 million user records containing email addresses, passwords, and other unspecified data. The stolen credentials were cryptographically protected using salted MD5 hashing, though this algorithm was considered weak by contemporary security standards. An individual using the alias "uid0" subsequently offered the combined databases for sale on the dark web marketplace The Real Deal, pricing the data at 7.2 bitcoin (equivalent to approximately $4,752 at the time of reporting). LeakedSource, a data breach monitoring service, independently confirmed the intrusion and analyzed the exposed datasets, reporting that attackers had successfully cracked roughly 60% of the hashed passwords within two hours of obtaining the databases due to MD5's vulnerabilities.

LeakedSource publicly disclosed the breach on an unspecified Friday evening in 2016, identifying the total affected user count as 1,442,602 across the five compromised platforms. The service operator specifically confirmed the inclusion of Mac Forums among the impacted sites alongside Web Hosting Talk and HotScripts. While the exact timeline of intrusion detection remained undisclosed, the breach's public exposure occurred months after the initial compromise, with Vice reporting on the incident in October 2025 based on LeakedSource's findings. No official statements from Penton or forum administrators regarding containment measures were documented in available sources. LeakedSource advised affected users to immediately change their forum passwords and avoid password reuse across multiple services as primary remediation steps following the exposure. The incident demonstrated the risks associated with outdated cryptographic practices despite basic security measures like salting being implemented.