Add two more websites to the already long list of sites that have been hacked as of late. Nvidia’s developer forum and Phandroid’s AndroidForums.com have both been breached and it is believed that usernames and hashed passwords were among the data stolen during each attack.
Nvidia has temporarily shut down their Developer Zone in response to attacks on the site by unauthorized third parties. A statement by the graphics company notes that the culprits may have gained access to hashed passwords. Nvidia says they are investigating the matter and working to restore secure operations but in the meantime, everyone is advised to change any identical passwords used on other websites.
Earlier this week AndroidForums.com was targeted in a similar attack. The hacker(s) used a known exploit to gain access to usernames, hashed passwords and potentially any other data that a member may have submitted during registration. The fan site has over a million registered members, although the administrators believe the attack was carried out to collect email addresses to send spam messages to at a later date.
Senior technology consultant Graham Cluley from security firm Sophos points out that password re-use in a big problem and that an alarming number of people use the same password on multiple websites. The main reason for this is that it’s easier to remember a single password but the consequence of essentially being lazy is that once your credentials are compromised at one site, it becomes extremely easy for someone with bad intentions to gain access to other accounts linked to the same username or email address.