Exploit: Unsecured database
Joomla: Content management system
Risk to Small Business: 1.708 = Severe
Developers failed to secure backup files on a cloud storage platform, leaving people’s personal data exposed to the internet. The storage platform doesn’t automatically encrypt data, but enabling these security features is simple, making this incident an unforced error that was easily preventable. While the platform has secured the database, this breach will test users’ loyalty at a time when people are more willing than ever to leave businesses that can’t protect their information.
Individual Risk: 2.675 = Severe
The data breach exposed personally identifiable information, including names, addresses, phone numbers, website addresses, business titles, encrypted passwords, IP addresses, and newsletters subscription preferences. Users should update their Joomla account passwords and any other account credentials using the same details. In addition, they need to carefully monitor incoming messages as this information is often used in phishing scams.
Customers Impacted: 2,700
How it Could Affect Your Customers’ Business: Billions of account credentials are compromised every year. Companies committed to cybersecurity shouldn’t rely exclusively on password integrity to protect their most critical information. Instead, make account security tools, like two-factor authentication, accessible for all employees.
Source:
https://www.crn.com.au/news/content-management-system-joomla-hit-by-data-breach-548844