On January 20, Cybernews researchers discovered a publicly accessible AWS Storage bucket belonging to FreshBooks. While it mainly stored images and metadata of FreshBooks’ blog, among the leaked data, were backups of the website's source code and related database. One of the databases contained information about the site, its configurations, and data of 121 WordPress users. Names, usernames, email addresses, and hashed passwords of the site’s administrators, writers, and editors were exposed. The leaked passwords were hashed using the easily crackable WordPress MD5/phpass hashing framework leaving users’ accounts vulnerable to hijacking.
