Hackers from Ourmine broke into the Unity Forum and told its members they had access to a database that had information on two million records.
Using the Unity forum's built-in mass email capability, the group sent emails to registered members after hacking and vandalising it over the weekend.
Users of the Unity forum are advised to change their passwords after receiving messages informing them that they have access to a database that contains the personal information of two million users.
The organisation intends to enhance service authentication through the implementation of two-factor authentication, a login alert system, and a revised password policy.
Source: https://securityaffairs.com/58646/data-breach/ourmine-hacked-unity-forum.html
TPRM report: https://scoringcyber.rankiteo.com/company/unity-technologies
"id": "uni14201123",
"linkid": "unity-technologies",
"type": "Breach",
"date": "05/2017",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '2 million',
'industry': 'Software',
'name': 'Unity',
'type': 'Company'}],
'attack_vector': 'Email Phishing',
'data_breach': {'number_of_records_exposed': '2 million',
'type_of_data_compromised': ['Personal Information']},
'description': 'Hackers from Ourmine broke into the Unity Forum and told its '
'members they had access to a database that had information on '
"two million records. Using the Unity forum's built-in mass "
'email capability, the group sent emails to registered members '
'after hacking and vandalising it over the weekend. Users of '
'the Unity forum are advised to change their passwords after '
'receiving messages informing them that they have access to a '
'database that contains the personal information of two '
'million users. The organisation intends to enhance service '
'authentication through the implementation of two-factor '
'authentication, a login alert system, and a revised password '
'policy.',
'impact': {'data_compromised': ['Personal Information'],
'systems_affected': ['Unity Forum']},
'motivation': 'Unspecified',
'response': {'communication_strategy': ['Advising users to change their '
'passwords'],
'remediation_measures': ['Implementation of two-factor '
'authentication',
'Login alert system',
'Revised password policy']},
'threat_actor': 'Ourmine',
'title': 'Unity Forum Data Breach',
'type': 'Data Breach'}