News and Updates on Information Technology

DreamHost Exposes 800M+ WordPress Users’ Records

Exploit: Unsecured Database

DreamHost: WordPress Hosting Service

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.823=Severe

A misconfigured cloud database exposed over 800 million records linked to WordPress users through hosting provider DreamHost. The 814 million records came from the firm’s managed WordPress hosting business DreamPress and appeared to date back to 2018. In this 86GB database, researchers noted admin and user information, including WordPress login location URLs, first and last names, email addresses, usernames, roles, host IP addresses, timestamps and configuration, and security information, some linked to users with .gov and .edu email addresses. The database was purportedly secured within hours but the damage had already been done.

Individual Impact: There has not yet been confirmed that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business There’s no excuse for making basic security blunders, and clients may be less likely to want to work with those who do. A strong security culture prevents these blunders from happening.

Source: Info Security Magazine