Now, since the leaked database containing e-mail addresses, hashed passwords, and other information, it’s working with Have I Been Pwnd platform to let users know about their hacked status.
MangaDex Confirms Users Database Leak
In mid-March, MangaDex reported a malicious incident with its platform where an unauthorized party had accessed their internals through an admin account. Credentials of this account were reportedly obtained from a previous beach, and soon he elevated access with a dormant developer account and possibly accessed the users’ database. While MangaDex didn’t confirm any data leak but warned users to expect the worst, it did happen now! Earlier this week, MangaDex reported that the users’ database containing the username, e-mail address, hashed password, IP address is being circulated privately in the underground. While it didn’t disclose which parties are sharing the leaked (stolen) database, it asked users to change their credentials of other online accounts they had shared with MangaDex. Though shared privately, MangaDex warns that soon it may reach the public domain and be more accessible, giving rise to more hacks. MangaDex sees the groups sharing the database are having “ill intentions against MangaDex and have chosen to be complicit in the breach by keeping quiet about it, likely for unethical reasons.” Thus, it’s now working with Have I Been Pwnd, a hack-status checking platform to help users check theirs. Sharing a copy of its leaked database with the Have I Been Pwnd can help MangaDex users to check whether their credentials were leaked or not by entering their email address on the site. And if the result retrieved shows negative, the credentials were hacked and suggested to change.