SitePoint is an Australia-based website and publisher of books, courses and articles for web developers. The company has disclosed a data breach and notified its users via email.
Threat actors offered for sale an archive containing user details for one million SitePoint users on a cybercrime forum.
In December, security experts from Bleeping Computer reported that a threat actor was selling user records allegedly stolen from twenty-six companies on a hacker forum.
The data available for sale totals 368.8 million stolen user records, of which 1 million belong to SitePoint.
“We have recently confirmed that SitePoint’s infrastructure was breached by a third party and some non-sensitive customer data was accessed as part of this attack,” reads the data breach notification shared by El Reg.
“As a precautionary measure, while we continue to investigate, we have reset passwords on all accounts and increased our required length to 10 characters. Next time you login to SitePoint you will need to create a new password.”
The company revealed that threat actors compromised an unnamed “third party tool we used to monitor our GitHub account.”
“This allowed access through our codebase into our systems. This tool has since been removed, all of our API keys rotated and passwords changed,” the company said.
Data accessed by the threat actors could be exploited to access users’ codebase and system. The good news is that no financial information was exposed, because it was not stored on the company system.
Both ZDNet and Bleeping Computer speculate that the third-party tool compromised by attackers is the Waydev app.
In response to the security breach, the company has reset the passwords of all its users.
The company pointed out that passwords were hashed with the bcrypt algorithm and salted, which is considered secure and makes it hard to crack passwords.
(SecurityAffairs – hacking, SitePoint)