Ex-employee of WP MultiLingual (WPML) Leaks Customer Data, Then Defaces Its Website

A former employee of WP MultiLingual (WPML) claimed he exploited vulnerabilities over the weekend. The ex-employee sent mass emails to WPML's customers informing them of security holes in the plugin. WPML, however, denied this and stated instead that the employee had gained access to the company's server. WPML believes the ex-employee left a backdoor, which he later used to access the database and server. The only data shown to have been compromised was emails, but the breach may have involved other data. As many as 600,000 customers could be affected.

WPML is a popular plugin that WordPress customers use to translate their websites. Customers can choose from a range of languages, and it covers translation of documents and web pages. On the day of the attack, the website did not display this information. Instead, the defaced site showed the contents of the email the ex-employee had sent to customers.

WPML’s Security Around Data

In a similar Dutch case, e-commerce companies hired a contractor to develop a series of sites. In the process, he placed a website backdoor in his code and used it to extract customer data. He went on to use that data to make fraudulent online purchases. What was interesting, as reported by researcher Christopher Burgess, was how weak the controls around access rights and authentication procedures were. With this case in mind, unanswered questions remain about WPML. Was the staff member's access to the databases holding customers' data revoked as soon as he left? Were scans and security updates carried out at all, or frequently enough to identify the malicious code? Did WPML revoke his admin rights, if he had been given any?

WPML has since updated its site and rebuilt the code. Extra security measures include multi-factor authentication. WPML has reassured customers that all patches are in place and that its servers are being rebuilt. WPML is also seeking legal action.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]