Skip to main content

Weebly hacked, 43 million user credentials stolen

For those that 'just want to watch the world burn', today is going to be a good day. The media are buzzing that Weebly was hacked back in February this year, and that 43 million user credentials were stolen. Oh, joyful moments. Sorry to break it to the chaotic neutrals, but the stolen passwords are protected by strong hashing algorithm bcrypt, according to the source, meaning whoever stole the passwords is not going to have a good time decrypting them. 

The drag 'n' drop website creator service said in a statement that IP addresses were also taken, but that there are no signs of any websites being compromised. 

“We do not believe that any customer website has been improperly accessed,” Weebly said. It wasn’t disclosed who was behind the breach, either. But perhaps even more importantly – the company does not store credit card information, meaning any money theft is pretty much out of the picture. LeakedSource, who first broke the news, said it found out about the breach from an 'anonymous source'. 

Weebly has started sending out password resets, but if you don't get one, change your password regardless.  Large data breaches, where millions of user credentials get stolen, has become somewhat trendy as of lately. LinkedIn, Twitter, MySpace,, those are just some of the more recent breaches.  

Cybersecurity experts are constantly warning people to use strong passwords, not to recycle them, not to give them to anyone and change them every once in a while. If that's too much work for you, you can always go for a password manager. They're decent these days.

Image Credit: Balefire / Shutterstock

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.