PakWheels, a famous automotive classified website in Pakistan has revealed that their server was breached by an unknown third party exposing personal data of registered users. In an email sent to users on 26th December, the site explained that hackers were able to conduct this breach by exploiting a known vulnerability in the outdated vBulletin forum software.
Although PakWheels didn’t reveal the number of affected users, we at HackRead have inside details on this breach according to which the number of targeted users impacted by this breach goes over 674,775 users including names, emails, encrypted passwords, mobile number, and Facebook sessions.
The inside information came from data breach notification website LeakedSource who told HackRead that the data breach took place before October 2016, yet, it is unclear who was behind the breach and who provided LeakedSource with the data.
PakWheels was started back in 2003 to fill the missing space between automotive enthusiasts and the absence of a platform that discusses automotive industry related topics in the country. Since then, the website is being widely used for advertising, buying and selling of cars within Pakistan.
Currently, according to Alexa, the website is among the 67 most visited platforms in Pakistan.
This is not the first time when a high-profile website in Pakistan fell prey to hackers. In May 2016, Pakistan’s real estate giant Zameen was hacked by a Bangladeshi hacker who leaked its entire database after being ignored by Zameen’s administration.
As far as vBulletin forum software, the year 2016, has been a bad year for anyone using vBulletin and not updating it to its latest version. Until now, the forums hacked due to vulnerability in outdated vBulletin forum software include Clash of Kings forum with 1.6 million data stolen, Epic games forum with 800,000 accounts stolen, Grand Theft Auto (GTA) forum, Russia’s Mail.ru with 27 million accounts stolen, LifeBoat forum with 7 million accounts stolen and Exile Mod gaming forum with 12,000 accounts stolen.
If you are a PakWheel user change your password right now, also change your Facebook password in case you log in on the site with your Facebook account whilst website owners still using the outdated version of vBulletin, update your software right now.