Joomla Resources Directory (JRD) Portal Data Breach (1st June 2020)

Description

Joomla, a widely used open-source content management system (CMS), has announced a data breach that impacted 2700 users with accounts on the resources directory (JRD) website. The team became aware of the breach during an internal website audit.

Summary

In their account of the incident, Joomla stated that unencrypted, full site backups of their resource directory were stored in a third-party company Amazon Web Services S3 bucket. Joomla further stated that each backup included a full copy of the website and all its data. As a public directory, most of the data listed were public, however, private data (unpublished, unapproved listings, tickets) was breached. Joomla indicated that some potential data that were affected included, but was not limited to, the following: Full Name, Company URL, IP address, encrypted password (hashed) and business email address. More information can be found at https://community.joomla.org/blogs/community/jrd-security-incident-notification.html

The Guyana National CIRT recommends that users and administrators of JRD review the incident details and apply the following safety measures where necessary:

Reference

The Hackers News - Joomla Resources Directory (JRD) Portal Suffers Data Breach: https://thehackernews.com/2020/06/joomla-data-breach.html?m=1

Data Breaches - Joomla team discloses data breach

https://www.databreaches.net/joomla-team-discloses-data-breach/

Written by Joomla Incident Response Task Group. (n.d.). JRD Security Incident Notification. Retrieved June 1, 2020, from https://community.joomla.org/blogs/community/jrd-security-incident-notification.html