Website Creating Company Faces Data Breach Affecting Over 40 Million Users



The San Francisco-based drag and drop website creating company Weebly Inc. suffered a data breach that exposed information on 43,430,316 users in February, recently announced after an anonymous source provided it with Weebly’s database.

Weebly acknowledged the breach in a statement to Bloomberg BNA, but did not mention the exact number.

“Weebly recently became aware that an unauthorized party obtained email addresses and/or usernames, IP addresses and encrypted (bcrypt hashed) passwords for a large number of customers,” the company said in a statement. “At this point we do not have evidence of any customer website being improperly accessed.”

Leaked Source said that the passwords of Weebly’s users were “stored using uniquely salted Bcrypt hashing, which helped mitigated the severity of the breach.

Weebly is working with security experts and “initiating password resets, implementing new password requirements and a new dashboard that gives customers an overview of recent log-in history,” according to its statement.

Leaked Source is a search engine for data found online that gives “users the ability to search and find whether their data is available online or not.”

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.