Even computer-security companies aren't immune to online attacks. Anti-malware maker Malwarebytes revealed last week that its user forums had been hacked into earlier on Nov. 10. Email notices were sent out around Nov. 20 asking users to reset their passwords.
The hackers apparently exploited a vulnerability in the third-party service that hosts Malwarebytes' forum. Nevertheless, personal information does not seem to have been stolen, and Malwarebytes' main website was not affected by the hack, company founder Marcin Kleczynski told users in the forum.
Malwarebytes' forums, located at https://forums.malwarebytes.org, are run by a company called Invision Power Services, using a platform called IP.Board.
"Invision is known for having vulnerabilities and gets exploited all the time; unfortunately, we fell victim to that," wrote Kleczynski in a statement on the forums.
Some users then criticized Malwarebytes for using a third-party service to host its forum. There's no evidence that the hackers took any personal information, but Malwarebytes is still requiring users to reset their passwords. Some forum users have also reported that the forums went offline for a brief time on the evening of November 21.
This forum is separate from Malwarebytes' main website, https://malwarebytes.org, which was not affected by the hack, Kleczynski said.
Malwarebytes is best known for its software Malwarebytes Anti-Malware Free, which specializes in catching rare and destructive malware on users' PCs.
- What Encryption Is and How It Works for You
- Best Android Security Apps 2014
- 12 Mobile Privacy and Security Apps
Jill Scharr is a staff writer for Tom's Guide, where she regularly covers security, 3D printing and video games. You can follow Jill on Twitter @JillScharr and on Google+. Follow us @tomsguide, on Facebook and on Google+.