No announcement yet.

Important Security Notification about QuickBooks Forums Accounts

  • Filter
  • Time
  • Show
Clear All
new posts

  • Important Security Notification about QuickBooks Forums Accounts

    Dear QuickBooks Forums member,

    We want you to be aware that there was a possible data breach on the QuickBooks Forums.

    A security flaw in vBulletin’s software, which is one of the most popular server applications for online communities, including the QuickBooks Forums, was made public recently.

    On October 2, 2019, we became aware that this vulnerability in the vBulletin software had been exploited by an unknown attacker, resulting in a potential data breach on the QuickBooks Forums.

    We took immediate action to take the forums offline, and began investigating how this breach happened, what needed to be done to correct the breach, and what potential exposure of QuickBooks Forum members’ information existed. We have since applied new vBulletin software patches, and have taken other measures as well to bolster our web server security.

    Who has been affected and what data has been potentially accessed?

    It is possible that QuickBooks Forum members’ information was accessed by the attackers. We do not have any evidence that member information was compromised, but we cannot rule it out either.

    Forum user accounts contain information members’ username and email address. Members may also have provided their location, QuickBooks version, interests/hobbies, birthdate, and occupation, which is stored in the database of members’ info. The website stores members’ last-used IP address also. All user passwords in the database were stored encrypted. The QuickBooks Forums currently have approximately 65,000 registered users.

    What should forum members do?

    As a precautionary measure, we recommend that forum members change their passwords and use good password practices. These include creating strong, long passwords, and not reusing passwords across different Internet accounts. Your account password is encrypted in the QuickBooks Forums, but a password change is recommended.

    We regret any inconvenience or distress this vulnerability may have caused you. We want to reassure you that in addition to the two separate security scanning services we have in place on our web server, we have put in place measures to ensure that all security vulnerabilities in vBulletin will be patched immediately when patches become available.

    Please note that the QuickBooks Forums are independent, and not associated with Intuit, QuickBooks software or tech support, or the Intuit Community.

    If you have questions or concerns, please email me personally at, or call me at 800-999-9209 x700, or 719-395-8750 x700.

    Best regards,

    Shannon Tucker
    President, AccountingUsers, Inc.
    Shannon Tucker
    email: tucker at