Cyber Incident Victim: SocialEngineered.net

The SocialEngineered.net forum suffered a security breach approximately on June 13, 2019, when an attacker exploited a vulnerability in the MyBB forum software. This vulnerability, publicly disclosed with technical details on June 11, involved a stored cross-site scripting (XSS) flaw combined with a file write capability, enabling remote code execution and full compromise of the target system. MyBB released a patched version on June 12, but the forum had not applied the update in time, allowing the attacker to infiltrate the site. On the same day as the breach, the attacker exfiltrated and publicly released the forum's entire database and root directory contents on a hacker forum. The leaked data included records for 55,121 registered users, containing usernames, email addresses, IP addresses, private messages, and passwords stored as salted MD5 hashes. The attacker's post claimed possession of additional materials beyond user data, specifically referencing the website's source code and comprehensive activity logs.

The breach's impact expanded rapidly as the stolen database appeared on multiple leak platforms, including another prominent hacker forum where users celebrated its availability on June 14. HaveIBeenPwned independently verified the dataset on June 23, confirming it contained 89,000 unique email addresses associated with the 55,000 compromised accounts. Forum ownership acknowledged the incident on June 24, attributing the breach directly to the unpatched MyBB vulnerability and disclosing their migration to the XenForo platform to prevent recurrence. Users were advised to immediately change their forum passwords, though no details were provided regarding broader remediation efforts or forensic investigations. The incident exposed sensitive communications and credential data from a community focused on social engineering tactics, potentially enabling follow-on attacks against members through credential reuse or targeted phishing campaigns.