Skip to main content

WineHQ Suffers Cyber Attack; Usernames and Passwords Stolen

Open source project WineHQ has become the latest target of a massive cyber attack, with the perpetrators downloading and stealing several usernames and passwords.

WineHQ, whose database was hacked using a vulnerability in phpmyadmin, develops and operates a platform used to run Windows-based applications on Mac OS X, BSD, Solaris and Linux.

The company warned in a blog post (opens in new tab) about the security breach and informed customers that it was resetting the passwords of every account that was stolen and was also in the process of sending emails to users affected by the security breach.

WineHQ said the breach may have taken place due to a vulnerability in phpmyadmin or stolen credentials of an admin.The company said that no other information was stolen nor was there any damage to the database.

“Unfortunately, the attackers were able to download the full login database for both the appdb and bugzilla. This means that they have all of those emails, as well as the passwords. The passwords are stored encrypted, but with enough effort and depending on the quality of the password, they can be cracked,” the company said.