Another data breach is in the headlines, Weebly and Foursquare are the latest victims of the massive data breaches.
According to data breach notification site LeakedSource, hackers compromised details for over 43 Million users.
“Well known San-Francisco based “drag-n-drop” website creator Weebly.com had information on 43,430,316 users leaked from its main database in February of 2016. This database was provided to us by an anonymous source.” reads the blog post published by LeakedSource.
“Each record in this mega breach contains a username, email address, password, and IP address.”
The company confirmed the data breach, it also informed LeakedSource that it has started notifying affected customers and initiated password reset process.
LeakedSource also provided details of the cyber attack that seems to be dated back to February 2016, confirming the massive impact of the incident.
“This mega breach affects not only tens of millions of users but tens of millions of websites and with Weebly being one of the most popular hosting platforms in the world, this breach could have been far more disastrous in the wrong hands had they not strongly hashed passwords.”
Weebly stored the password with uniquely salted Bcrypt hashing making it hard for attackers to obtain user’s actual password.
“Weebly recently became aware that an unauthorized party obtained email addresses and/or usernames, IP addresses and encrypted (bcrypt hashed) passwords for a large number of customers,” the company said.
“At this point, we do not have evidence of any customer website being improperly accessed. We do not store any full credit card numbers on Weebly servers, and at this time we’re not aware that any credit card information that can be used for fraudulent charges was part of this incident.”
(Security Affairs – data breach, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.