Joomla suffers security breach exposing user records

It total, 2,700 Joomla user records were exposed, has learned.
Joomla suffers security breach exposing user records

It total, 2,700 user records were exposed, has learned.

The team behind Joomla, the third most widely used open-source content management system (CMS) after WordPress, has disclosed a security breach that occurred last week.

Reportedly, a company employee mistakenly left unencrypted data backup while using its Resource Directory portal exposing around 2,700 records of customers who have signed up for the portal.

The backup was left onto the Amazon Web Services (AWS) S3 Bucket, a third-party data storage platform. Currently, the team is investigating whether the database was accessed by anyone or not. 

Joomla is a commonly used CMS for building and managing self-hosted websites and boasts of an utterly vast userbase. It is believed that the security breach may have affected a small portion of its userbase, primarily those who signed up on its Resources Directory (RD).

The RD is a portal designed to let Jooma professionals market their skills and expertise in website building, managing, and marketing.

According to the information shared by Joomla, the backup file was unencrypted and personal details like full name, IP address, business email, and physical address, company URL, business type and phone number, encrypted/hashed password, and newsletter subscription preferences might have been exposed. 

See: db8151dd breach- Contact management firm leaks 22 million emails

Full list of the exposed data:

  • Full name
  • IP address
  • Company URL
  • Business address
  • Nature of business
  • Business email address
  • Business phone number
  • Encrypted password (hashed)
  • Newsletter subscription preferences

However, Jooma claims that this is a low-level security breach because a majority of this information was already accessible publicly, except for IP addresses and hashed passwords.

The company also carried out a full security audit of the Resources Directory portal, which highlighted many Super User accounts owned by users outside the Open Source Matters.  

See: GoDaddy suffers data breach after hackers access SSH accounts

Joomla recommends that those who signed up for Joomla Resources Directory must change their password for the portal as well as for other websites if the same password was used to access other services. 

Even if we don’t have any evidence about data access, we highly recommend people who have an account on the Joomla Resources Directory and use the same password (or combination of email address and password) on other services to immediately change their password for security reasons, the company said.

Did you enjoy reading this article? Do like our page on Facebook and follow us on Twitter.

1 comment

Comments are closed.

Related Posts