In a new development, the Joomla Resources Directory (JRD), which contains unencrypted user data, has been hijacked.
Joomla has released a statement disclosing a new data breach that occurred during an internal website audit.
It was discovered that a team member of the Joomla Resources Directory (JRD) stored an unencrypted backup of the website on an Amazon Web Services (AWS) S3 bucket belonging to an external company, thereby exposing about 2,700 user accounts on its Joomla Resources Directory (JRD) website.
The company, known to be one of the most popular open-source content management systems, disclosed that the breach exposed sensitive information belonging to users, such as full names, email addresses, business addresses, encrypted passwords, IP addresses, nature of business, business URLs and phone numbers.
Exposed Data Contains Critical Information
The company said that most of the data was already in the public domain, since the JRD portal has always been used by Joomla professionals as a directory, which makes the breach less severe.
Highly sensitive user data such as Social Security numbers, driver's license numbers, mothers' maiden names, payment details, and any other financial information is also not among the exposed data, making the exposure a non-financial threat.
The unencrypted data that was exposed contains the list of service providers and developers who specialize in Joomla and help users extend their CMS and other functions.
As a result of the audit, Joomla removed all users found not to have logged in before the 1st of January 2019, including groups found to be inactive.
What Next After Joomla Resources Directory Data Breach?
While an investigation is ongoing and the Joomla Resources Directory (JRD) remains temporarily suspended, the company has rolled out several security patches for the affected platform.
Joomla has also reached out to the third-party company to have the leaked data deleted, though it remains unclear whether the unencrypted backup data has fallen into the wrong hands.
The company activated two-factor authentication and has reached out to users through the released advisory, urging them to take precautionary measures by changing their passwords immediately, given the possibility that the exposed data might have been scooped up by cybercriminals.