Joomla! is one of the biggest CMSs in the world; specifically, it is the third most popular after WordPress and Drupal. At that scale, even a small error can affect millions of users worldwide. Just a few days ago, the Joomla! team announced a data breach that occurred accidentally last week.
Thankfully, the breach does not affect millions of users but the 2,700 who registered on JRD, the Joomla Resources Directory. The incident happened last week when a JRD team member left a full, unencrypted backup of JRD on an AWS S3 server.
The company said that it was possible for a third party to find and download the backup. It is not known whether any third party actually did. In any case, the Joomla team strongly recommends that all affected users change their passwords on other websites (if they reused the same password on multiple sites). Speaking of passwords, the backup includes the following user details:
- Full name
- Business address
- Business email address
- Business phone number
- Company URL
- Nature of business
- Encrypted password (hashed)
- IP address
- Newsletter subscription preferences
Most of the user information involved in the breach is already public, except for the IP addresses and hashed passwords. If anyone found the backup and successfully cracked the hashed passwords, they could use those passwords on other websites such as Gmail, Microsoft, Facebook, etc. to access those accounts. If you are affected by the breach and used the same password on Gmail, Facebook, etc. as on the JRD platform, change your passwords immediately.
Leaving a full, unencrypted backup of the entire platform exposed is not a small mistake. The company acknowledged it, performed a full audit of the platform and implemented multiple improvements. You can check the audit report.