QuickBooks Forum Discloses Possible Data Breach Impacting Up to 65,000 Users

Registered users of the QuickBooks forum, a discussion group sponsored by Accounting Users, Inc., has sent email to their users indicating that a possible data breach was discovered in early October 2019.

We want you to be aware that there was a possible data breach on the QuickBooks Forums.

On October 2, 2019, we became aware that this vulnerability in the vBulletin software had been exploited by an unknown attacker, resulting in a potential data breach on the QuickBooks Forums.

Who has been affected and what data has been potentially accessed?

It is possible that QuickBooks Forum members? information was accessed by the attackers. We do not have any evidence that member information was compromised, but we cannot rule it out either.

Forum user accounts contain information members? username and email address. Members may also have provided their location, QuickBooks version, interests/hobbies, birthdate, and occupation, which is stored in the database of members? info. The website stores members? last-used IP address also. All user passwords in the database were stored encrypted. The QuickBooks Forums currently have approximately 65,000 registered users.

VBulletin is a popular discussion software used by many companies to host forums for users to exchange information online.

The company suggests users change their passwords regularly. QuickBooks forums are independent and not affiliated with Intuit the publisher of QuickBooks.

Below is a copy of the email sent to registered users.