Affinity forums hacked (April 6, 2023)

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,249
Unfortunately we have become aware that personal data relating to users of these forums may have been accessed from outside the company following a cyber attack on 6 April 2023. It appears that an administrator’s account was compromised, allowing access to our forum members list.

What data was accessed?

The data which may have been accessed is what is on your public forum profile (e.g. username, post count, reputation, joining date, etc.), but additionally includes your Email Address and Last Used IP Address which would ordinarily be private. Thankfully we can be sure it would not have been possible to access your forum account password so that has definitely not been compromised in this breach.

What information is available on your public profile depends on what you have previously given. You can view your profile by logging in to your account and clicking on your avatar in the top right-hand side.

Please be reassured that any information accessed does not include any financial data, purchase history, physical addresses, phone numbers or anything else held within your main Affinity account / AffinityID. The forum is a standalone system which is completely separate from your Affinity account.

We cannot tell what proportion of our forum members’ email addresses were accessed so we are making all members aware as a precaution.

We have reported this incident to the UK Information Commissioner’s Office (ICO) as well as taken immediate steps to make the forum system more secure to avoid this type of attack in future.

What should you do?

We do not think you need to do anything, other than be mindful that this happened and to follow general advice around email and online account security.

One thing to be particularly diligent with is possible email “phishing” attempts. This will be when someone contacts you pretending to be us, requesting you change your password or give other account information to them. If you are concerned about any email being legitimate, don’t click any links in the email. If you wish to update any of your forum account details type forum.affinity.serif.com into your browser and log into your account from there to be sure.

Generally, if you do receive any suspicious email which you think could have originated via this breach (for example if an email you receive addresses you by your forum username) please let us know.

If you wish to make any such reports or have any further questions, then please contact us at dataprotection@serif.com. Full details of Serif’s Privacy Policy are available on our website Affinity Privacy and Cookies Policy.

As well as this forum announcement we are notifying all forum members about this via email.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top