Early this morning Wordfence released information from a security audit performed after the Mossack Fonseca breach that points to an outdated plugin on the firm’s WordPress site as the likely attack vector.
Mossack Fonseca had been running a horribly out of date version of the Slider Revolution plugin for WordPress, created by ThemePunch. They further detailed how the intruder may have then been able to move from WordPress to an e-mail server on the same network. In addition to the out of date WordPress plugin that eventually created a massive e-mail breach, the firm also exposed their clients to risk by running their customer portal on an out of date version of Drupal with a number of known vulnerabilities. The out of date version of Drupal allowed the attacker to gain access to millions of documents.
What did this single out of date WordPress plugin cost the firm? More than 4.8 million e-mails, 2 million PDFs, 1 million images and 320,000 additional text documents, totaling…
2.6 TERABYTES (Terabytes with a giant “T”)
Additionally, it has dropped a number of political figures quite deep into controversy.
ThemePunch, the creator of Slider Revolution has been in the spotlight before, but like any reputable plugin vendor, recommends that you always (ALWAYS) keep WordPress and your plugins up to date!
So there you have it. One of the largest data breaches in recent history with far reaching financial and political implications, caused by a single out of date WordPress plugin. Keep your CMS and your plugins up to date. Mossack Fonseca had a horribly out of date plugin and a horribly out of date version of Drupal. Don’t be like Mossack Fonseca.