Verticalscope Hit With Second Data Breach: Report

Verticalscope, a Canadian web forum manager with 45 million accounts, has been hacked for the second time in two years, according to Krebs on Security.

The new breach could affect 2.7 million user accounts, including email addresses and other information, Krebs writes.

Verticalscope verified that six sites had been affected, including Toyotanation.com; Jeepforum.com, the company’s second most-popular site; and watchuseek.com, Krebs continues.

According to Krebs, a company statement said: “The intrusion granted access to each individual website files. Out of an abundance of caution, we have removed the file manager, expired all passwords on the 6 websites in question, added the malicious file pattern and attack vector to our detection tools, and taken additional steps to lock down access.”

Security researcher Alex Holden notified Krebs last Thursday that hackers were selling access to Verticalscope.com and several of the company’s other sites.

Contrary to Holden’s initial suspicions, the data being sold was not stolen in the 2016 breach: it appeared to be new.

The sites had been compromised by a “backdoor known as a ‘web shell,’” Krebs writes.

Using a web shell, a perpetrator can administer the site and upload and delete content, including email addresses, user names and passwords, he adds.

The first data breach occurred in 2016, and involved almost 45 million records from 1,100 websites and forums, according to ZDNet.
