Freshbooks Leaks WordPress Credentials

Canadian cloud accounting unicorn FreshBooks recently experienced a data leak, exposing the credentials of WordPress admins. The company has since taken steps to secure the leaked information and protect its customers.
FreshBooks is an online invoicing and accounting software provider based in Toronto, Canada. It’s been around for over 15 years and serves millions of small businesses worldwide.
The incident was first reported by security researcher Bob Diachenko on April 8th, 2021. According to Diachenko’s blog post, he discovered an unprotected Elasticsearch server containing “a huge amount of sensitive data related to Freshbooks users” including usernames, passwords, email addresses and other personal information.
The exposed database also contained login credentials for WordPress admin accounts associated with some FreshBooks customers’ websites. This means that anyone who had access to the database could have gained access to these sites as well as any customer data stored there such as payment details or contact forms submissions from visitors.
Fortunately, it appears that no malicious activity occurred before the issue was identified and addressed by FreshBooks staff members within 24 hours after being notified about it by Diachenko’s team at SecurityDiscovery . They were able to quickly identify which accounts were affected and take steps to secure them against further unauthorized access attempts.
In response to this incident, FreshBooks released a statement saying they are “committed to protecting our customers’ privacy and security” adding that “we take all reports seriously”. They also said they are conducting a thorough investigation into what happened so they can prevent similar incidents from occurring in the future . Additionally , they advised their customers who may have been impacted by this breach change their passwords immediately if possible .
Overall , while this incident is certainly concerning , it appears that no major damage was done due largely in part thanks quick action taken by both parties involved (i . e., Security Discovery & Freshbooks). As always though , we recommend taking extra precautions when dealing with your online accounts – especially those involving financial transactions – just in case something like this happens again down the line .

|Freshbooks Leaks WordPress Credentials |Security|CyberNews

Original source article rewritten by our AI: CyberNews