ADVERTISEMENT

Canadian cloud accounting unicorn leaks WordPress admin credentials

A popular accounting software provider with more than 30 million users leaked their WordPress admins' credentials, source code, and server backups, risking threat actors hijacking their website.

Image by Cybernews

Image by Cybernews

Paulina Okunytė
Paulina Okunytė Senior Journalist
Apr 6, 2023 Updated: 12 April 2023 2 min read
  • Founded in 2003, FreshBooks is a Canadian-based company providing invoicing, expenses, payments, and financial reporting services. The company claims to have more than 30 million users in 160+ countries.
  • The company left public access to their data, including user credentials for the WordPress site, the website’s source code, and server backups.
  • The data leak imposed various risks, including hijacking the website, making changes to its content, installing malicious software, or stealing sensitive information.
  • Cybernews reached out to FreshBooks and Canadian Centre for Cyber Security, and the access to data was secured.

Easily crackable passwords

ADVERTISEMENT

Risk of hijacking

Staying safe

ADVERTISEMENT