The forum dedicated to Check Point’s ZoneAlarm security product appears to have been breached and the details of the forum’s members have been leaked online.
Check Point says its ZoneAlarm product has been used by nearly 100 million users worldwide, but the incident only appears to impact a few thousand users. The ZoneAlarm forum has roughly 4,500 members, but Breach Report claims to have come across a file containing 5,175 leaked records.
The file contains email addresses, password hashes, dates of birth, and user IP addresses. The ZoneAlarm forum is powered by the vBulletin forum software and Breach Report suggested that hackers may have obtained the data after exporting CVE-2019-16759, a vBulletin vulnerability that was patched in late September.
The flaw had been exploited before the release of a patch and some claimed that its existence had been known for years.
Check Point representatives said the ZoneAlarm team contacted affected individuals within 24 hours of detecting the breach. The company is conducting an investigation into the incident and would not confirm that it involved exploitation of a vBulletin vulnerability.
The company said passwords “remain encrypted,” but advised users to change them “as a security measure.”
“It is important to stress that this website is isolated from any other of Check Point’s websites and was used only by the registered ZoneAlarm forum subscribers. ZoneAlarm itself is one of our smallest product lines,” Check Point told SecurityWeek via email.
The ZoneAlarm forum is currently offline.
Related: Android Forums Suffers Data Breach