A known web development site meant for educational purposes has recently disclosed a security breach. Specifically, the website SitePoint admitted the data breach after the hackers started selling the stolen data.
SitePoint Disclosed Data Breach
Reportedly, the WebDev site SitePoint has disclosed a data breach recently via an email to its customers. SitePoint is a popular platform that publishes books, articles, and courses on web development.
Earlier, Bleeping Computer reported in December 2020 about a hacker who put up a huge database for sale on the dark web. The database included stolen data from 26 different companies.
While many of the cybersecurity incidents were known, some remained undisclosed officially. SitePoint’s incident was one of the undisclosed ones.
After this initial data dump, another threat actor ShinyHunters also posted a database redirected to SitePoint.
However, the platform recently admitted the security breach via an email to the users. Though, they didn’t confirm or disclose the same via other official forums such as their website or social media platforms.
As shared by Bleeping Computer, the email reads,
We have recently confirmed that SitePoint’s infrastructure was breached by a third party and some non-sensitive customer data was accessed as part of this attack.
Specifically stating about the breached data, the email mentions users’ names, email addresses, usernames, hashed passwords, and IP addresses.
Regarding how the attack happened, the firm explained that the attackers accessed a third-party tool in use by the admins for monitoring GitHub accounts. The perpetrators then pilfered the API keys and intruded on the codebase and the system.
Following the incident, SitePoint started investigations of the matter. Moreover, they also rotated the stolen API keys.
Besides, they have reset the passwords for all user accounts, instructing everyone to set up new passwords on the next login.
However, the company hasn’t discussed anything about the data already available on the dark web. Some users have even reported phishing emails to have flooded their mailboxes.
Therefore, all the users can now do is to remain wary of phishing emails. Plus, all users must ensure keeping their systems updated with robust antimalware to combat any potential malware attacks.