Monday, March 8, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Privacy

Joomla Resources Directory (JRD) Portal Suffers Data Breach

June 1, 2020
in Internet Privacy
Joomla Resources Directory (JRD) Portal Suffers Data Breach
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Joomla, one of the most popular Open-source content management systems (CMS), last week announced a new data breach impacting 2,700 users who have an account with its resources directory (JRD) website, i.e., resources.joomla.org.

The breach exposed affected users’ personal information, such as full names, business addresses, email addresses, phone numbers, and encrypted passwords.

You might also like

Researchers Find 3 New Malware Strains Used by SolarWinds Hackers

Bug in Apple’s Find My Feature Could’ve Exposed Users’ Location Histories

Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked!

The company said the incident came to light during an internal website audit that revealed that a member of the Joomla Resources Directory (JRD) team stored a full unencrypted backup of the JRD website on an Amazon Web Services S3 bucket owned by the third-party company.

The affected JRD portal lists developers and service providers specialized in Joomla, allowing registered users to extend their CMS with additional functionalities.

Joomla said the investigation is still ongoing and that accesses to the website have been temporarily suspended. It has also reached out to the concerned third-party to get the data deleted. It’s not clear if any party found the unencrypted backup and accessed the information.

The details that could have been potentially accessed by an unauthorized third-party are as follows:

  • Full names
  • Business addresses
  • Business email addresses
  • Business phone numbers
  • Company URLs
  • Nature of business
  • Encrypted passwords (hashed)
  • IP addresses
  • Newsletter subscription preferences

The impact of the breach is said to be low, given that most of the information is already in the public domain.

In addition to mandating a password reset for all impacted accounts, it’s recommended to change them on other sites that reuse the same password to prevent credential stuffing attacks.

As a consequence of the audit, Joomla has removed all users who’ve not logged in before January 1st, 2019, as well as several unused groups. Furthermore, it has enabled two-factor authentication and rolled out security fixes on its platform.

“Even if we don’t have any evidence about data access, we highly recommend people who have an account on the Joomla Resources Directory and use the same password (or combination of an email address and password) on other services to immediately change their password for security reasons,” Joomla said in the advisory.


Credit: The Hacker News By: noreply@blogger.com (Ravie Lakshmanan)

Previous Post

Manchester United Stock is Wall Street’s Darling as Sport Returns

Next Post

Researcher lands $100,000 reward for ‘Sign in with Apple’ authentication bypass bug

Related Posts

Researchers Find 3 New Malware Strains Used by SolarWinds Hackers
Internet Privacy

Researchers Find 3 New Malware Strains Used by SolarWinds Hackers

March 6, 2021
Bug in Apple’s Find My Feature Could’ve Exposed Users’ Location Histories
Internet Privacy

Bug in Apple’s Find My Feature Could’ve Exposed Users’ Location Histories

March 6, 2021
Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked!
Internet Privacy

Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked!

March 6, 2021
Google Cloud Certifications — Get Prep Courses and Practice Tests at 95% Discount
Internet Privacy

Google Cloud Certifications — Get Prep Courses and Practice Tests at 95% Discount

March 5, 2021
CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws
Internet Privacy

CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws

March 5, 2021
Next Post
Researcher lands $100,000 reward for ‘Sign in with Apple’ authentication bypass bug

Researcher lands $100,000 reward for ‘Sign in with Apple’ authentication bypass bug

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Top 6 Regression Techniques a Data Science Specialist Needs to Know
Data Science

Top 6 Regression Techniques a Data Science Specialist Needs to Know

March 8, 2021
Dataiku named as Gartner Leader for Data Science and Machine Learning
Machine Learning

Dataiku named as Gartner Leader for Data Science and Machine Learning

March 8, 2021
Bill establishing cyber abuse takedown scheme for adults enters Parliament
Internet Security

eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’

March 8, 2021
An Easy Way to Solve Complex Optimization Problems in Machine Learning
Data Science

An Easy Way to Solve Complex Optimization Problems in Machine Learning

March 8, 2021
Machine Learning Patentability In 2019: 5 Cases Analyzed And Lessons Learned Part 4 – Intellectual Property
Machine Learning

Podcast: Non-Binding Guidance: FDA Regulatory Developments In AI And Machine Learning – Food, Drugs, Healthcare, Life Sciences

March 8, 2021
Here’s an adorable factory game about machine learning and cats
Machine Learning

Here’s an adorable factory game about machine learning and cats

March 8, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Top 6 Regression Techniques a Data Science Specialist Needs to Know March 8, 2021
  • Dataiku named as Gartner Leader for Data Science and Machine Learning March 8, 2021
  • eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’ March 8, 2021
  • An Easy Way to Solve Complex Optimization Problems in Machine Learning March 8, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates