The Cybernews research team issued the alert after discovering the database in late January 2023. Although it initially appeared to hold storage images and metadata of the company’s blog, deeper analysis revealed backups of the website’s source code, site information, configurations, and login data for 121 WordPress users. The login data, which included usernames, email addresses, and hash passwords, belonged to the site’s administrators and was hashed using the “easily crackable” MD5/phpass hashing framework.
