The SitePoint web developers community has disclosed a data breach after one million user credentials were sold on a forum, eventually leaked for free in hacker forum.
SitePoint is a website launched in 1999 that offers content and a community devoted to web professionals and developers.
The site offers a premium membership that provides access to over 600 books, courses, and talks.
SitePoint admits security breach this week in emails sent to some of its users.
On January 26th, 2021, a threat actor known as ShinyHunters shared the database for Learnable.com for free on a hacker forum. The learnable.com redirects to the Sitepoint.com domain.
This database contains 1,020,959 people, including members’ names, email addresses, bcrypt hashed passwords, date of birth, country, IP address used during registration, and other information.
The company also said a statement, “At this point, we believe the accessed information mainly relates to your name, email address, hashed password, username, and IP address.”
SitePoint Sent emails of the data breach.
SitePoint disclosed a data breach where they confirm that threat actors hacked their systems and stole member data in an email sent to users.
“We have recently confirmed that a third party breached SitePoint’s infrastructure, and some non-sensitive customer data was accessed as part of this attack.”
“As a precautionary measure, while we continue to investigate, we have reset passwords on all accounts and increased our required length to 10 characters. Next time you log in to SitePoint, you will need to create a new password,” SitePoint states in a data breach notification.
SitePoint said that based on the current situation, the breach occurred after the attackers gained access to “a third-party tool they used to monitor their GitHub account.”
“This allowed access through our codebase into our systems. This tool has since been removed, all of our API keys rotated, and passwords changed,” the company said.
While SitePoint doesn’t mention this tool by name, it is most likely referring to a tool from Git analytics service Waydev, which disclosed a security breach last summer.
This same tool was also used to breach custom apparel vendor Teespring, whose data was also sold by the same hacker, in the same package simultaneously as the SitePoint data.
SitePoint has now initiated a password reset on all accounts and asks users to choose new ones that are at least ten characters long.
The tutorials and books publisher believes that the stolen passwords are currently safe, as they have been hashed with the bcrypt algorithm and salted, which should make cracking the password strings to its plaintext version a pretty lengthy process for the time being.