Canadian Cloud accounting startup FreshBooks failed to properly secure data belonging to WordPress users who were placed in charge of managing the company’s website.
The data leak was first discovered by the Cybernews research team in Jan. 2023.
- The data leak stemmed from a publicly accessible Amazon Web Services (AWS) Storage bucket being used by FreshBooks.
- One of the leaked databases contained the names, usernames, email addresses, and hashed passwords of 121 WordPress users.
- The
Cybernews research team emphasized that “The website’s login page to
the admin panel was secured and not publicly accessible” but that the
threat actors could have easily gained access using the WordPress
MD5/phpass hashing algorithm.
- This incident reportedly put more than 30 million WordPress users in more than 160 countries at risk of cybercrime.
- The
researchers have advised FreshBooks to change all login
credentials, monitor for suspicious activity, conduct a thorough
security audit, and implement two-factor authentication.
