Joomla Data Breach: Joomla Resources Directory Users Exposed

Joomla has just reported a data breach. The breach occurred after a member of Joomla Resources Directory left a full backup of the JRD site, resources.joomla.org, on an Amazon Web Services S3 bucket.

Not only was the file not encrypted but it also contained details for at least 2,700 users with registered profiles on the JRD sites. As for the JRD site, it is mainly used by professionals who use it to advertise their Joomla-related skills.

JRD full site backups (unencrypted) were stored in a third-party company Amazon Web Services S3 bucket. The third-party company is owned by a former Team Leader, still Member of the JRD team at the time of the breach. Known to the current Team Leader at the time of the breach, the official announcement says.

Joomla is currently investigating the breach, and it’s still unknown whether someone downloaded the data from the AWS S3 bucket server. In case of further exploits, exposed data that can be abused includes sensitive details, such as:

  • Full name of the user;
  • Business address, email address and phone number;
  • Company URL;
  • Nature of business;
  • Encrypted password (hashed);
  • IP address;
  • Newsletter subscription preferences.

The good news is that the impact of the data breach is considered low, as most of the breached information was already publicly known. However, this is not valid for hashed passwords and IP addresses, which were not public prior to the breach.

What should Joomla Resources Directory users do?

Joomla recommends impacted JRD users change their passwords on the portal immediately. In case this password has been reused on other services, it should be changed for these services as well. The latter is done as a precautionary measure against credential stuffing attacks where hackers use cracked user passwords.

Following the incident, the Joomla team carried out a full security audit of the JRD portal.

Even if we don’t have any evidence about data access, we highly recommend people who have an account on the Joomla Resources Directory and use the same password (or combination of email address and password) on other services to immediately change their password for security reasons,” Joomla’s advisory reads.

Joomla is considered a great alternative to WordPress. It is a fully customizable content management system used by millions of businesses, organizations, and individuals all over the world. It has over 2 millions downloads.

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.