Started as a simple discussion board for vehicle enthusiasts back in 2003, PakWheels has now became the largest online portal in Pakistan to buy/sell vehicles.
A few days ago PakWheels sent an email to all registered users, asking them to change their account passwords due to a security breach.
It didn’t reveal actual damage or any specific details about the breach, but the news platform HackRead claims almost 700,000 users got affected.
It also says that hackers got access to sensitive user data including names, passwords, emails & Facebook session details.
Hackers Got Lucky? PakWheels Failed to Update Software:
In its email, PakWheels puts all the blame on popular VBulletin software and admitted that the hackers used a known vulnerability to get in. The vulnerability was fixed by the PakWheels management.
The matter is quite simple, PakWheels didn’t update the script timely and as a result hackers got in. It merits mentioning here that VBulletin is a leading forum software and the company do release security patches on a regular basis.
This is isn’t the first time a popular Pakistani portal has been hacked, but we do expect a website which ranks #66 in Pakistan to behave like professionals and try their best to keep the platform secure. According to the leaked source the hack was done in October this year, but PakWheels only notified its users a couple of days ago.
It also merits mentioning here that PakWheels got US$3.5 Million Investment a couple of years ago and is again eyeing for more funding. However what it should really focus on is the data security, so in future there are no such incidents.