Joomla, a widely used open-source content management system (CMS), has announced a data breach that impacted 2700 users with accounts on the Joomla Resources Directory (JRD) website. The team became aware of the breach during an internal website audit.
In its account of the incident, Joomla stated that unencrypted, full site backups of the resources directory were stored in an Amazon Web Services S3 bucket belonging to a third-party company. Joomla further stated that each backup included a full copy of the website and all its data. Because the JRD is a public directory, most of the data listed was already public; however, private data (unpublished and unapproved listings, tickets) was also breached. Joomla indicated that the data potentially affected included, but was not limited to, the following: full name, company URL, IP address, encrypted password (hashed) and business email address. More information can be found at https://community.joomla.org/blogs/community/jrd-security-incident-notification.html
The Guyana National CIRT recommends that users and administrators of JRD review the incident details and apply the following safety measures where necessary:
- Reset the password for accounts on Joomla Resources Directory.
- Set stronger passwords. For more information on creating and managing strong passwords, kindly visit https://www.getsafeonline.gy/protecting-your-computer/passwords/
- Make regular backups. For more information on backups, kindly visit https://www.getsafeonline.gy/protecting-your-computer/Backups/
- Check for patches and updates on the Joomla website and apply them where required.
The Hacker News - Joomla Resources Directory (JRD) Portal Suffers Data Breach: https://thehackernews.com/2020/06/joomla-data-breach.html?m=1
Data Breaches - Joomla team discloses data breach
Joomla Incident Response Task Group. (n.d.). JRD Security Incident Notification. Retrieved June 1, 2020, from https://community.joomla.org/blogs/community/jrd-security-incident-notification.html