Weebly Confirms Hack That Affected Over 43 Million Users

Later on a few little hiccups and a somewhat long break, the trend of 2022 mega breaches continues. Following the leaks of LinkedIn, MySpace, Tumblr, Dropbox, Yahoo, and several others, today comes a new confirmation. Foursquare and Weebly are the latest in this long line of tech companies who accept had their databases leaked.

Weebly confirms hack that affected over 43 million customers

Weebly, a San Francisco-based company has immune over tens of millions of people since 2007 to create websites with "drag-n-driblet." The visitor confirmed Thursday that hackers managed to hack into its servers earlier in the year. Information of over 43 million users has been stolen during the alienation. LeakedSource, the breach notification site has uploaded a copy of the stolen data that it received from an anonymous source.

The leaked data includes usernames, email addresses, passwords, and IP addresses. Passwords were stored with bcrypt, which is a stiff hashing organisation, making swell passwords a difficult chore. But users should nevertheless change their passwords on Weebly.

Weebly said it will start sending notification messages to all of their customers, informing them of the data breach that occurred eight months ago.

"At this point we do not accept bear witness of any customer website being improperly accessed," said a company spokesperson. "We do not store whatsoever total credit carte numbers on Weebly servers, and at this fourth dimension we're not aware that whatsoever credit card data that tin can be used for fraudulent charges was part of this incident."

"This mega alienation affects non only tens of millions of users merely tens of millions of websites," LeakedSource said. "With Weebly being one of the most popular hosting platforms in the globe, this breach could have been far more disastrous in the wrong hands had they not strongly hashed passwords."

Foursquare too?

LeakedSource has also published information of what information technology says comes from a Square breach. The location-based check-in site has denied the breach. But, the notification site claims that over 22.5 million account credentials were stolen in the breach. "Nosotros have done an internal investigation and no breach has occurred," Foursquare said.

The data uploaded includes e-mail addresses, first and last names, gender, users' location, Facebook ID, and Twitter username.

Weebly and Foursquare are just two latest tech companies that volition come under fire for employing weak security practices. Following a long list of companies that have been hacked into in the past few years, FBI arrested a hacker responsible for LinkedIn hack earlier this calendar month. Is the aforementioned hacker associated with other tech mega breaches? There'due south no confirmation nonetheless, but we await to hear more once he's extradited to the U.s..