Webdev Tutorials Site ‘SitePoint’ has Disclosed a Data Breach

The website Sitepoint, which provides access to online study and information on web development content tutorials and books, reported a security breach. The organization has informed its users by email this week.
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ... read more
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
AMD's fastest 6 core processor for mainstream desktop, with 12 processing threads Can deliver elite 100+ FPS performance in the world's most popular games Bundled with the quiet, capable AMD Wraith Stealth cooler 4.6 GHz Max Boost, unlocked for overc... read more
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
System ram type: DDR4_sdram
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
The organization formally admitted a data breach after threat actors have successfully put up a collection of one million SitePoint user’s credentials on a cybercrime forum in December 2020 for sale.
This week, SitePoint, while confirming the cyber attack on its systems, said in a report, “At this point, we believe the accessed information mainly relates to your name, email address, hashed password, username, and IP address,” the company said.
On the prevention front, SitePoint is instigating a password reset on all its users’ accounts while giving its users an option for new ones that must be at least ten characters long.
Also, publishers of web development tutorials and books believe that the stolen credentials are currently in a secure space as they have been hashed with salted and bcrypt algorithms – which makes cracking the password strings to its plaintext version a very long process, which is a complex task.
“We recommend that you change passwords from any other websites that may be a duplicate of your SitePoint password, just as a precaution,” the company added.
Besides, the company stated that based on current information, the data breach has taken place after threat actors acquired control of the system of the third-party which they used to monitor their GitHub account.
“This allowed access through our codebase into our systems. This tool has since been removed, all of our API keys rotated and passwords changed,” the company said.
“This same tool was also used to breach custom apparel vendor Teespring, whose data was also sold by the same hacker, in the same package, at the same time”, the SitePoint data reads.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.