The party is ON! Join us at TNW Conference 2021 in Amsterdam for face-to-face business!

The heart of tech

This article was published on February 16, 2011

    Winamp Forums attacked, email addresses stolen

    Winamp Forums attacked, email addresses stolen
    Matt Brian
    Story by

    Matt Brian

    Matt is the former News Editor for The Next Web. You can follow him on Twitter, subscribe to his updates on Facebook and catch up with him Matt is the former News Editor for The Next Web. You can follow him on Twitter, subscribe to his updates on Facebook and catch up with him on Google+.

    Winamp, creators of the popular music player, has admitted that security processes protecting users accounts on its Winamp Forums website have been compromised, exposing thousands of email addresses as a result.

    Geno Yoham, General Manager of Winamp, took to the company’s forum to reassure users, noting that his team had quickly detected and blocked an attack on the Winamp Forums database. The breach was limited to the forums, meaning its main website, developer portal and desktop media player account databases remained secure.

    As a precautionary measure, Winamp recommends that users change their passwords, despite the fact they were not compromised in the attack. The company says it is dedicated to retaining user privacy and has alerted it users to remain as transparent as possible.

    The Winamp attack is very similar to attacks on SourceForge.net, which saw the network shutdown its CVS Hosting, ViewVC (web based code browsing), New Release upload capability and Interactive Shell services to prevent further compromise, alerting 2 million users in the process.

    Winamp says:

    As a result of our continuous security monitoring, we identified and blocked this attack. Additionally, new security measures have been deployed to help keep this type of breach from happening in the future.

    We are in the process of notifying all users with a registered account for the Winamp Forums via email. If you have any questions, you can reach us at [email protected].

    With email addresses exposed, the users affected could start to receive SPAM or phishing attempts via email. As always, don’t open any attachments you don’t trust and never give over your usernames and passwords, if requested.