For those that 'just want to watch the world burn', today is going to be a good day. The media are buzzing that Weebly was hacked back in February this year, and that 43 million user credentials were stolen. Oh, joyful moments. Sorry to break it to the chaotic neutrals, but the stolen passwords are protected by strong hashing algorithm bcrypt, according to the source, meaning whoever stole the passwords is not going to have a good time decrypting them.
The drag 'n' drop website creator service said in a statement that IP addresses were also taken, but that there are no signs of any websites being compromised.
“We do not believe that any customer website has been improperly accessed,” Weebly said. It wasn’t disclosed who was behind the breach, either. But perhaps even more importantly – the company does not store credit card information, meaning any money theft is pretty much out of the picture. LeakedSource, who first broke the news, said it found out about the breach from an 'anonymous source'.
Weebly has started sending out password resets, but if you don't get one, change your password regardless. Large data breaches, where millions of user credentials get stolen, has become somewhat trendy as of lately. LinkedIn, Twitter, MySpace, Mail.ru, those are just some of the more recent breaches.
Cybersecurity experts are constantly warning people to use strong passwords, not to recycle them, not to give them to anyone and change them every once in a while. If that's too much work for you, you can always go for a password manager. They're decent these days.
Image Credit: Balefire / Shutterstock