Categories: HackingSecurity

Drupal data breach exposes data of 1 million users

Drupal data breach – The Drupal Association with an official notice revealed that Drupal was hit by a large-scale data breach that could have exposed data for nearly 1 million accounts.

A Drupal data breach was announced by the official Drupal Association, Drupal hit by a large-scale data violation that could have exposed data for nearly one million accounts.

The news has been provided by The Drupal Association with an official notice, the security of the open source content management system has been compromised, as countermeasure it is resetting the passwords for nearly one million accounts in the wake of a data breach.

Unknown hackers have exploited a known vulnerability in a third-party software that was installed on the server infrastructure to access to the system, The hasn’t revealed the name of the third-party application exploited during the attack.

Evidence of the Drupal data breach was found during a routine security audit:

“Upon discovering the files during a security audit, we shut down the website to mitigate any possible ongoing security issues related to the files,” “The Drupal security team then began forensic evaluations and discovered that user account information had been accessed via this vulnerability.”

“The Security Team and Infrastructure Team have discovered unauthorized access to account information on and

This access was accomplished via third-party software installed on the server infrastructure, and was not the result of a vulnerability within Drupal itself. This notice applies specifically to user account data stored on and, and not to sites running Drupal generally.”

The Drupal data breach is considerably really serious about user’s security, an impressive amount of web sites is based on the popular content management, according the official notice information exposed for almost one million accounts includes usernames, email addresses, and country information, as well as hashed passwords.

The Security Team confirmed the “unauthorized access” to their system, highlighting that there’s no evidence that any information was actually stolen. As a precautionary measure was requested all users to reset their passwords at their next login attempt.

Holly Ross, Executive Director for Drupal Association confirmed that they are investigating on the incident that could have exposed also other info:

“We are still investigating the incident and may learn about other types of information compromised, in which case we will notify you accordingly,”

The attacks to Open Source CMS solutions are not an isolated cases due their large diffusion, in the past Joomla and WordPress platforms were hit and used to spread malicious code, WordPress recently was hit by a massive “brute-force” attack by botnet composed by almost 100,000 bots.



It’s easy to predict that this kind of attacks is likely to increase for the large-diffusion of these platforms which makes them privileged targets.

Pierluigi Paganini

(Security Affairs – Hacking)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

The Financial Dynamics Behind Ransomware Attacks

Over the last few years, ransomware attacks have become one of the most prevalent and…

2 hours ago

Empire Market owners charged with operating $430M dark web marketplace

Federal authorities charged two individuals with operating the dark web marketplace Empire Market that facilitated…

11 hours ago

China-linked Velvet Ant uses F5 BIG-IP malware in cyber espionage campaign

Chinese cyberespionage group Velvet Ant was spotted using custom malware to target F5 BIG-IP appliances…

13 hours ago

LA County’s Department of Public Health (DPH) data breach impacted over 200,000 individuals

The County of Los Angeles’ Department of Public Health (DPH) disclosed a data breach that…

20 hours ago

Spanish police arrested an alleged member of the Scattered Spider group

A joint law enforcement operation led to the arrest of a key member of the…

22 hours ago

Online job offers, the reshipping and money mule scams

Offers that promise easy earnings can also bring with them a host of scams that…

1 day ago

This website uses cookies.