Weebly.com Breach

ORGANIZATION: Weebly.com
DATE OF BREACH: February 2016
DATE MADE PUBLIC: October 20, 2016
RECORDS AFFECTED: 43 Million

San Francisco-based web hosting service, Weebly.com, had information on 43,430,316 users leaked from its main database in February of 2016. Compromised information includes usernames, email addresses, passwords, and IP addresses.

Luckily, the obtained passwords are nearly useless to identity thieves, as they were strongly protected with the hashing algorithm, bcrypt. Because Weebly hosts millions of websites, this breach could have been much more catastrophic had this layer of protection not been added. As more and more companies fall victim to data breaches, Weebly made a sound choice in enhancing the protection of their users’ passwords.

“At this point we do not have evidence of any customer website being improperly accessed,” a spokesperson said in a statement to SC Magazine. “We do not store any full credit card numbers on Weebly servers, and at this time we’re not aware that any credit card information that can be used for fraudulent charges was part of this incident.”

The company said it is working with security consultants to enhance network protection, initiating password resets, and adding a dashboard where customers can view recent log-in history to track account activity