Joomla! Help Support Warrington Cheshire Manchester Merseyside UK28 May 2020.

The Joomla Project announced a data breach impacting 2,700 users who have an account with its Joomla! Resources Directory (JRD) website: resources.joomla.org.

These users will consist mostly of developers but anyone who registered with the above website may be impacted by the breach.

"The breach exposed affected users' personal information, such as full names, business addresses, email addresses, phone numbers, and encrypted passwords.

The (Joomla! Project) said the incident came to light during an internal website audit that revealed that a member of the Joomla Resources Directory (JRD) team stored a full unencrypted backup of the JRD website on an Amazon Web Services S3 bucket owned by the third-party company."

Source: The Hacker News.

Read more: Joomla! Resources Directory Data Breach.

 

The Hacker News

Subscribe to The Hacker News newsletter when you visit the above link.

"The Hacker News (THN) is a leading, trusted, widely-acknowledged dedicated cybersecurity news platform, attracting over 8 million monthly readers including IT professionals, researchers, hackers, technologists, and enthusiasts."

Read more: About 'The Hacker News' Media.

 

Official Joomla! Resources Directory Security Incident Notification

Consequences of the breach: "Personal data contained in JRD could have been accessed by a third-party."

Advisory: "Even if we don’t have any evidence about data access, we highly recommend people who have an account on the Joomla Resources Directory and use the same password (or combination of email address and password) on other services to immediately change their password for security reasons."

Source: Joomla! Community Portal.

 

Make Joomla! CMS Security your #1 Priority

Joomla! Help Support Warrington Cheshire Manchester Merseyside UKWe offer Joomla! coaching, help and support to businesses and organisations across Cheshire, Manchester, Merseyside, North West England & the UK.

Learn how to manage Joomla! website security.