"Lack of HTTPS encryption and the use of vulnerable older versions of the vBulletin forum software were other weaknesses in VerticalScope sites noted by ZDNet."
This doesn't surprise me one bit. vBulletin (which is what the majority of forums are running) is old news. The majority of people don't want to upgrade their version of vB3 to the latest version (which is more stable), because the latest version is absolutely horrid.
Once upon a time vBulletin was king. However, the guys who developed vBulletin sold it to a larger company for a good amount of money. That company ended up screwing things up very, very bad.
Then the guys who sold vBulletin went on to make a new forum software called XenForo (which is what this forum uses). XenForo is lightyears ahead of vBulletin in every way.
Anyways, it sucks that this breach happened. I guess the good thing is that we have to hope most people don't have anything sensitive stored with their accounts on automotive forums.
On most of the other forums I am part of it's just my login and password that would be stored. Nothing like CC info or anything of any value.
