SitePoint, a platform offering learning tools for web developers, has officially disclosed a data breach. In emails sent to some of its customers, SitePoint said that the threat actor accessed its database by compromising a third-party tool, which is now disabled. As a precaution, it has reset all user passwords and asked users to set new, strong ones.
SitePoint Data Breach
SitePoint is a well-known site among budding developers, who use its books, tutorials, and courses to learn web development. After a database with over one million records was leaked within a cybercriminal group last year, SitePoint has now formally disclosed the incident through emails sent to some of its users.
In them, SitePoint acknowledged that a hacker had posted the stolen database for sale in December 2020 and revealed that an intrusion into its systems happened sometime last year. It said, “At this point, we believe the accessed information mainly relates to your name, email address, hashed password, username, and IP address.”
The platform has now started resetting all user account passwords and is asking users to set strong new ones that are at least ten characters long. An alphanumeric password combined with special characters is recommended for better security.
SitePoint also said that the leak may have limited impact, since the leaked passwords are hashed with the bcrypt algorithm and salted. Recovering plaintext from such hashes is a lengthy process, which gives users time to change their passwords.
SitePoint also recommended that users “change passwords from any other websites that may be a duplicate of your (users) SitePoint password, just as a precaution.” Though the company hasn’t revealed how it got breached, the incident has been indirectly linked to the Waydev incident.
Waydev is a third-party analytics tool that was used to monitor SitePoint’s GitHub account and was compromised last year. That compromise led to breaches at many of its clients, such as Teespring last month. SitePoint said that this “allowed access through our codebase into our systems. This tool has since been removed, all of our API keys rotated, and passwords changed.”