LAHORE – Pakistan’s top-ranked automotive classified website ‘Pakwheels’ has confirmed that their server was breached by an unknown third party exposing personal data of registered users.
According to reports, an email was sent to users on Monday explaining that hackers were able to conduct the breach by exploiting a known vulnerability in outdated vBulletin forum software.
“We recently came across a security breach in our forums software, which may have exposed some user information to a third party. The security breach was due a known vulnerability in vBulletin, the forum software used by Pakwheels.com,” read the email from the automotive website to its users.
Pakwheels kept mum over the number of users affected by the latest cyber attack but another website ‘Hackread’ shocked everyone by suggesting that the victims could be as many as 674,775 including names, emails, encrypted passwords, mobile number and Facebook sessions.
Hackread went on to claim that the security breach took place before October 2016, yet, it is unclear who was behind the breach and who provided LeakedSource with the data.
Pakwheels entered the market in 2003 to connect automotive enthusiasts with each other and provide a platform to discusses automotive industry related topics in the country. The web portal shot to fame in a jiffy and is being widely used for advertising, buying and selling of cars within Pakistan.
Currently, according to Alexa, the website is among the 66 most visited platforms in Pakistan.
Pakwheels is not the first victim of hackers. Earlier, In May 2016, Pakistan’s real estate giant Zameen was hacked by a Bangladeshi hacker who leaked its entire database after being ignored by Zameen’s administration.
Pakwheels is now up but it is advisable to change the password to avoid any leakage of personal information including e-mail address and Facebook data.
Although slow to enter the e-commerce boom, Pakistan has recently made many strides in the sector with numerous local and international tech and e-commerce companies being set up in the country including Pakwheels as a pivotal player.
The year 2016, in general has been a nightmare for anyone using vBulletin and not updating it to its latest version.
Outdated vBulletin forum software has fallen prey to hackers affecting Clash of Kings forum with 1.6 million data stolen, Epic games forum with 800,000 accounts stolen, Grand Theft Auto (GTA) forum, Russia’s Mail.ru with 27 million accounts, LifeBoat forum with 7 million accounts and Exile Mod gaming forum with 12,000 accounts stolen.