Everything About the HWZ Security Breach Whereby 685K Accounts Were Affected

If you’re a Singaporean, chances are you’ll know about Hardwarezone (HWZ).

Or more specifically, you hope not to catch their attention.

Because the people HWZ forums can be quite merciless if they want to be.

Like this.

Image: hardwarezone.com.sg

That’s the 39th thread on the same person, by the way spanning over a few years liao.

Recently, HWZ made an appearance on the internet headlines, this time for something really bad.

HWZ Security Breach Since Sep 17 & Affected 685,000 Accounts

On 18 February, a suspicious post was posted onto the forum, leading to suspicions that the website’s security has been breached.

The folks at HWZ immediately launched an investigation and proved their suspicions correct.

They found that a senior moderator’s account was hacked into.

And that’s not the worst part.

The account was compromised since September 2017.

Yup, the security breach has been going on for 5 months.

Image:Me.me

During this period, the hacker retrieved about 685,000 user profiles’ data.

These include the names, email address, User ID and possible optional data fields that users input into the system.

Luckily, there were no personal data like NRIC number, address or telephone within the database.

The organisation has lodged a police report, as well as informed PDPC about the security breach.

They advise all users to change the password of their accounts and apologise sincerely for the issue.

Mixed reactions in the HWZ forums

Curious about how the folks at HWZ were taking the reverse situation (since they usually CSI others, and now the breach is showing their own private details to an outsider), we took a jaunt within HWZ territory.

And it seems they were pretty mixed about it.

There are the chillax guys

Image: hardwarezone.com.sg
Image: hardwarezone.com.sg

But of course, you can see some gan chiong people also.

Image: hardwarezone.com.sg

And those who sees the silver lining in every cloud

Image: hardwarezone.com.sg

But this guy asked the right question

Image: hardwarezone.com.sg

How the hell could the IT guys have missed this?!

I bet that’s what most of you are thinking.

And here’s the simple answer: if you can’t see it, it doesn’t mean it’s not there.

People usually detect hackers because their account or system did something out of the ordinary, like this case.

The administrators only suspected something when a suspicious post was made.

Some of you reading this probably have malware or virus hiding in your system, quietly collecting information without alerting you.

That’s why it’s always good to practise good internet security habits like changing passwords frequently and doing a full scan of your system from time to time.

Of course, it goes without saying that you should invest in a good antivirus lah.

P/S: If you’re an HWZ user, change your password hor.

Always quarrel with your bae? Then you need to watch this video and learn this trick on how to resolve arguments without any compromise or apology (and also subscribe to Goody Feed YouTube channel):

This article was first published on goodyfeed.com

Read Also

Do you love writing? Do you want a platform to showcase your works? Goody Feed is looking for part-time writers to join the team! Click here to find out more

Feature Image: channelnewsasia.com

Â