Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Weebly Breach Affects Over 43 Million Users

Hackers have managed to steal information associated with more than 43 million accounts belonging to customers of Weebly, a San Francisco-based web hosting service that provides a drag-and-drop website builder.

Hackers have managed to steal information associated with more than 43 million accounts belonging to customers of Weebly, a San Francisco-based web hosting service that provides a drag-and-drop website builder.

According to LeakedSource, the attackers stole 43,430,316 accounts after breaching the company’s systems in February. The compromised information includes usernames, email addresses, IPs and password hashes.

Weebly has been in touch with LeakedSource and confirmed that the exposed information is genuine. The company has notified affected users and reset their passwords. On its website, Weebly claims to have more than 40 million users, which indicates that the breach has affected a large majority, if not all, of its customers.

Weebly is still trying to determine the cause of the breach, but the company says it has already started improving network security. In addition to resetting passwords, it has introduced a new feature that allows users to monitor their most recent login history for unauthorized access.

There is no evidence that Weebly users’ customers are affected and the hosting service says it does not store full credit card numbers or other financial information. Users have been warned about the risks of password reuse and the possibility that cybercriminals could leverage this incident for phishing campaigns.

The breach appears to affect users who registered accounts prior to March 1, 2016. Fortunately, in a majority of cases, passwords have been protected using bcrypt with a cost factor of 8 and unique salts, which makes them difficult to crack. The passwords for accounts created before June 2011 and not used recently were hashed with MD5, but Weebly says only a small number of customers fall into this category.

“The Weebly cyber attack is unfortunately part of the broader and rapidly accelerating trend we are observing globally. Right now, most sophisticated cyber attackers are more than able to penetrate the perimeter of enterprise networks. They have many ways to attack the network and all they need to is for one attempt to be successful. Once they are inside, the entire network is at risk,” TrapX co-founder Moshe Ben Simon told SecurityWeek.

“Our research shows that it is most critical for defenders to reduce the time to breach detection to almost real time. Current cyber defenses must be supplemented with new technologies and best practices that can identify attackers moving silently within the network. If you can find the attackers moving within the networks quickly, security operations teams can then move rapidly to shut the attack down and return to normal operations,” he added.

Advertisement. Scroll to continue reading.

LeakedSource also reported obtaining information on nearly 59 million users stolen from Modern Business Solutions. The company said it was also provided 22 million user accounts allegedly stolen from FourSquare in December 2013.

LeakedSource has disclosed several mega breaches this year, including ones affecting Last.fm, Rambler, Mail.Ru, Social Blade and Dropbox.

Related: Russian Arrested by Czech Police Tied to 2012 LinkedIn Hack

Related: Leak of 200 Million Yahoo Accounts Linked to 2014 Hack

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Data Protection

While quantum-based attacks are still in the future, organizations must think about how to defend data in transit when encryption no longer works.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...