Web development website SitePoint recently disclosed a cybersecurity incident involving its users' information, according to ZDNet. The issue came to light after the malicious party posted the collection for sale in December last year.
A notification email was sent to affected users informing them of the breach, which occurred last year. According to the email, “At this point, we believe the accessed information mainly relates to your name, email address, hashed password, username, and IP address.”
Bleeping Computer reported back in December 2020 that 26 different companies had suffered a data breach. SitePoint was included in the list, which stated that its database contained one million records.
Other companies in the list include Juspay, Teespring, MyOn, Knockcrm, Mindful, and many others.
The company urged its users to reset their passwords on any SitePoint account they have. New passwords should be a minimum of ten characters long.
The company assured users that their passwords are safe, especially as the passwords are hashed using the bcrypt algorithm and salted. This means that anyone holding the hashed passwords may face challenges in cracking them.
Users are also encouraged to set a new password on any other accounts that use the same password. The email said, “We recommend that you change passwords from any other websites that may be a duplicate of your SitePoint password, just as a precaution.”
It further advised that individuals who have deactivated their accounts do not need to take further action. However, they are urged to be wary of criminal attempts such as phishing and fraud.
Regarding the method of the breach, the company said that evidence points to “a third party tool [they] used to monitor [their] GitHub account,” which the threat actor was able to access.
By getting access to this tool, the hacker was able to obtain SitePoint’s codebase and gain access to its systems. However, the company gave assurances that the tool has been removed since the issue was detected. The site also rotated API keys and changed passwords.
ZDNet noted that while SitePoint did not mention the name of the tool, the company is likely to be talking about WayDev, a tool from GitHub’s analytics service. WayDev disclosed a cybersecurity incident last summer.
The WayDev incident also resulted in the breach of Teespring, a custom apparel vendor, by the same hacker. The Teespring data was sold in the same package as the SitePoint information.