A post on the Winamp Forums titled Winamp Forums Security Breach FAQ explains that a security breach was detected. The post states, “My name is Geno Yoham and I am the General Manager of Winamp. Our entire team is dedicated to protecting the privacy of our users and has put extensive measures in place to ensure your information remains secure. As a result of these precautions, we quickly detected and blocked an attack on the Winamp Forums database. We have confirmed that this breach was isolated to the Winamp Forum (forums.winamp.com) site only. Other Winamp sites and products such as Winamp.com, dev.winamp.com and the Winamp Desktop Media Player were not affected in any way.”
The FAQ response to the questions “What happened?” is ambiguous and elusive: “As a result of our continuous security monitoring, we identified and blocked this attack. Additionally, new security measures have been deployed to help keep this type of breach from happening in the future.”
Great, but um…..what happened?
Winamp claims that there is no evidence that any information other than email addresses was exposed, but it is directing Winamp Forums users to change their account passwords as a precaution. The FAQ also reiterates that standard security best practices suggest that users should be changing their passwords regularly anyway.