Interworx Forums Security Alert

On Thursday July 9th, 2020 we discovered unauthorized access to our Forums DB (https://forums.interworx.com) via an sql injection exploit. No other sites were impacted. The forums are on an isolated server and there is no communication with our other web applications.

What kind of user data was affected?
The extent of the exposed data is:

• User IDs
• Names
• Email Addresses
• Double encrypted and salted passwords using Blowfish / bcrypt.

Note: Older accounts that have not changed their passwords in some time may be using older MD5 encryption with shorter salts.

What are we doing?
We have restored from backups, updated and scanned for any malware. The site is being migrated to a newer server with additional WAF protection and a dedicated sysops team. Our Security teams have helped perform additional security checks to confirm that we are good to go. We are working on additional tools and procedures to help make sure this does not happen again.

The DNS updates for the move to the new server will have propagated within 24 hours.

Immediate actions for you to take
We have taken the precaution of resetting user passwords on old encryption schemes. To be able to login to the site you will need to use the lost password functionality.
https://forums.interworx.com/lostpw
Users with passwords using an up to date encryption scheme will be able to login but will be prompted to change their passwords.

When you choose a new password, please do not use the same password you used with us previously. We recommend that you do not use any passwords you use for other services. We also recommend using a password manager so you can manage multiple complex passwords for all your services. Your browser likely has a basic built in password suggestion and storage solution, other recommended options are lastpass and dashlane.

Please contact our support via https://support.interworx.com/ if you have any questions.

We apologize for any inconvenience this may cause.

Regards,
Paul Oehler
VP