Joomla announces a data leak

The team behind Joomla's open source content management system (CMS) reported a security breach last week.

The incident occurred when a Joomla Resources Directory (JRD) team member left a full backup of the JRD website (resources.joomla.org) in an Amazon Web Services S3 bucket owned by the company.

The Joomla team reported that the backup was not encrypted and contained details of approximately 2,700 users who registered and created a profile on the JRD website, a site where professionals advertise their Joomla skills.

Joomla administrators said they are still investigating the incident. It is currently unclear whether anyone found and downloaded the backup from the Amazon Web Services S3 server.

The data that could have been exposed if someone downloaded the backup includes details such as:

  • Full name
  • Business address
  • Business email address
  • Business phone number
  • Company URL
  • Nature of business
  • Encrypted password
  • IP address
  • Preference to subscribe to newsletters

The severity of this breach is considered low, because most of this information was already public: the JRD portal serves as a directory for Joomla professionals. However, encrypted passwords and IP addresses were not intended to be public.

The Joomla team now advises all JRD users to change their password on the JRD portal, and also on any other sites where they reuse the same password.

The Joomla team reported that as soon as they discovered the accidental leak of the JRD website backup, they conducted a full security check on the JRD portal.

"THE also showed the presence of Super User accounts belonging to people outside of Open Source Matters," the Joomla team said in its disclosure of the breach last Thursday.

Joomla is a content management system (CMS), a web application used to create and manage web pages. It is currently the third most used CMS on the Internet. It lost second place to Shopify this month.


Written by giorgos
