The report quotes Scott A. McIntyre, a security researcher in Australia, as saying the Boxee breach occurred last week, when a full copy of the stolen forum data became widely available as an 800MB file.
While the Boxee was unaware of the hack, officials from password management service LastPass began warning customers with affected e-mail addresses. It said the 800MB file doing the rounds of the Internet contains personal data associated with 158,128 user accounts, about 172,000 e-mail addresses, and cryptographically scrambled passwords. Not only this, the file containing stolen data also includes details like the user's birthdate, IP address, site activity, full message histories, and password changes.
"Please update the password for your boxee.tv account immediately," stated an e-mail LastPass sent to customers. "The LastPass Security Challenge, located in the Tools menu of the LastPass addon, will help find any other accounts using the same password as the leaked account."
The report notes that the security breach doesn't directly affect all Boxee.tv users, only those that were using the same credentials for both the service and the community forum At the time of writing this report, there has been no statement issued on the breach by Boxee.tv yet.Founded in 2007, Israel-based Boxee established itself in the market in the form of a DVR (digital video recorder) that stores content in the cloud and lets viewers watch recordings anywhere without space constraints.