According to ZDNet, Joomla, an open source content management system for publishing web content, has recently suffered a data breach. The breach occurred due to an unencrypted backup of the JRD portal on a private AWS S3 bucket. The leaked backup file contained details for about 2,700 registered users and includes PII such as full names, addresses, email addresses, phone numbers, IP addresses and hashed passwords. While most of the information was already public, the loss of passwords, regardless of encryption level is still incredibly risky and can lead to a rise in credential stuffing.
Experts Comments
Linkedin Message
@Paul Edon, Senior Director (EMEA) , provides expert commentary at @Information Security Buzz.
"Joomla users should reset their credentials immediately...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-insight-joomla-data-breach
Facebook Message
@Paul Edon, Senior Director (EMEA) , provides expert commentary at @Information Security Buzz.
"Joomla users should reset their credentials immediately...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-insight-joomla-data-breach
Linkedin Message
@Robert Ramsden Board, VP EMEA , provides expert commentary at @Information Security Buzz.
"This includes backup files! Even if the majority of the information is in the public domain...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-insight-joomla-data-breach
Facebook Message
@Robert Ramsden Board, VP EMEA , provides expert commentary at @Information Security Buzz.
"This includes backup files! Even if the majority of the information is in the public domain...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-insight-joomla-data-breach
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Jake Moore, Cybersecurity Specialist, provides expert commentary at @Information Security Buzz.
"S3 is one of the oldest services in AWS, and the good news is that it always defaults to secure and private. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-insight-joomla-data-breach
Facebook Message
@Jake Moore, Cybersecurity Specialist, provides expert commentary at @Information Security Buzz.
"S3 is one of the oldest services in AWS, and the good news is that it always defaults to secure and private. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-insight-joomla-data-breach