Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Web Developer Hub SitePoint Discloses Data Breach

Web development resources provider SitePoint has notified users of a data breach that resulted in some of their information being stolen.

Based in Melbourne, Australia, and established more than two decades ago, SitePoint provides users with access to tutorials and books that can help them learn the basics of web development.

Web development resources provider SitePoint has notified users of a data breach that resulted in some of their information being stolen.

Based in Melbourne, Australia, and established more than two decades ago, SitePoint provides users with access to tutorials and books that can help them learn the basics of web development.

Last week, the company started informing users that some data was accessed by a third-party during a cyber-attack that was “recently confirmed.”

The culprit, SitePoint said, is a third-party tool that it uses to monitor its GitHub account, “which was compromised by malicious parties.”

While it did not provide further information on the compromised tool, SitePoint said that hackers abused it to access its systems and codebase. The Waydev GitHub application was previously abused in similar attacks.

In addition to removing the tool, the company rotated API keys and changed passwords.

“As a precautionary measure, while we continue to investigate, we have reset passwords on all accounts and increased our required length to 10 characters,” the company told users.

Information that was likely compromised during the incident includes names, usernames, hashed passwords, email addresses, and IP addresses. Although the passwords are stored hashed and salted, users are advised to change them, to ensure the security of their account.

Advertisement. Scroll to continue reading.

“Your browser will remain logged in if you have used our service recently. However, you can still create a new password manually by clicking on the ‘Account > Profile & Settings’ option and entering your details in the ‘Change your password’ section,” SitePoint said.

Users who log into SitePoint with Google, Facebook, or similar social services won’t have to change their passwords.

The company also notes that it has no evidence that customers’ financial information was accessed during the data breach, as it does not store credit card data, but uses a third party service for credit card processing.

The company also said it is currently “performing a full assessment of the data breach,” as well as of its infrastructure and security posture.

SitePoint did not provide information on the number of affected users, but BleepingComputer suggests that over one million might have been affected, based on information that emerged in December 2020. The company was apparently warned of the incident at the time.

“This breach, and the fact that they were warned months earlier, serves as a lesson that organizations need to have a process in place to deal with reports of potential data leakage and must take them seriously. It is critical for organizations to deal with these issues quickly and transparently to allow those impacted to protect themselves,” Erich Kron, security awareness advocate at KnowBe4, said in an emailed comment.

“These types of breaches are a reason that individuals should be taught not to use the same login credentials across multiple services. In the event the attackers are able to crack the encryption, they are likely to try the credentials on other websites, especially banking sites and shopping sites, in the hope that they are reused there,” Kron added.

Related: Airbus CyberSecurity Subsidiary Stormshield Discloses Data Breach

Related: Embedded Software Developer Wind River Discloses Data Breach

Related: Clothing Brand Bonobos Notifies Users of Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Wendi Whitmore has taken the role of Chief Security Intelligence Officer at Palo Alto Networks.

Phil Venables, former CISO of Google Cloud, has joined Ballistic Ventures as a Venture Partner.

David Currie, former CISO of Nubank and Klarna, has been appointed CEO of Vaultree.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.