U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

The team behind the Joomla CMS discloses a data breach

Maintainers at the Joomla open-source content management system (CMS) announced a security breach that took place last week. Last week a member of the Joomla Resources Directory (JRD) team left an unencrypted full backup of the JRD site (resources.joomla.org) on an unsecured Amazon Web Services S3 bucket operated by the company. The company did not […]

joomla

Maintainers at the Joomla open-source content management system (CMS) announced a security breach that took place last week.

Last week a member of the Joomla Resources Directory (JRD) team left an unencrypted full backup of the JRD site (resources.joomla.org) on an unsecured Amazon Web Services S3 bucket operated by the company.

The company did not reveal is third-parties have found and accessed to the S3 bucket.

“JRD full site backups (unencrypted) were stored in a third-party company Amazon Web Services S3 bucket. The third-party company is owned by a former Team Leader, still Member of the JRD team at the time of the breach.” reads the data breach notification. “Known to the current Team Leader at the time of the breach. (https://volunteers.joomla.org/teams/resource-directory-team) Each backup copy included a full copy of the website, including all the data.”

The backup contained details for approximatively 2,700 users who registered and created profiles on the JRD website.

The Joomla Resources Directory portal allows professionals and developers to advertise their services.

Joomla team is investigating the data leak said they are still investigating the incident. It is currently unclear if anyone found and download the data from the third-party company’s S3 server.

The Joomla team also carried out a full security audit of the portal.

“The audit also highlighted the presence of Super User accounts owned by individuals outside Open Source Matters,” continues the notification.

Data contained in the backup includes :

  • Full name
  • Business address
  • Business email address
  • Business phone number
  • Company URL
  • Nature of business
  • Encrypted password (hashed)
  • IP address
  • Newsletter subscription preferences

The data breach notification states that most of the data was public, because it was a public directory, anyway private data (unpublished, unapproved listings, tickets) was exposed in the breach.

The Joomla team is urging JRD users to change their password on the JRD portal and on other sites where they share the login credentials.

“Even if we don’t have any evidence about data access, we highly recommend people who have an account on the Joomla Resources Directory and use the same password (or combination of email address and password) on other services to immediately change their password for security reasons.” concludes the notification.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – data breach, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]