After closing its forums last week citing a "system issue," Nvidia has come clean that the issue was in fact a large-scale attack by an unknown hacker. Nvidia says its investigation has revealed the hacker gained access to usernames, email addresses, hashed and salted passwords, and public-facing "about me" profile information.
Nvidia, unlike other companies, hashed all the passwords with a random salt value, making them extremely secure. Nonetheless, the company recommends you change your password, and you also might want to change your password at other websites if you use an identical one. The company will send all Nvidia users a temporary password when the service comes back online, along with instructions on how to change it.
We reached out to Nvidia to ask which accounts may have been affected, and a spokesperson told us that:
"Three Nvidia sites were affected -- Nvidia Forums, which has about 290,000 registered users; Nvidia Developers Zone, with about 100,000; and the Nvidia Research site with about 1,200."
Nvidia says it's "continuing to investigate this matter" and will reopen the forums as soon as it's certain that secure operations can be restored.