One of our user’s passwords got hacked: use strong passwords
As some of you might have noticed, a user account on our website got hacked. The reason was probably a weak password. As we can of course not see our passwords, only the respective member could tell. The attacker placed several articles with older dates on our website.
The attacker did quite well. Many actions for hiding the articles were taken. The reason we found it so fast was that all articles trigger the email newsletter. This beacon caught our and also your attention. Sorry for the spam!
Our website is quite well secured. Elevated roles have to authenticate with multiple factors. As a counter measure for the incident, all sessions were terminated within an hour after the incident. The passwords were reset and password strength is now enforced.
What was your latest incident?