What caused the Panama Papers hack?

By on
What caused the Panama Papers hack?

A zero-day flaw in Drupal is now being said to be how hackers penetrated the network of law firm Mossack Fonseca and siphoned out more than 11.5 million files, according to The Hacker News.

The theft of around 2.6 terabytes of data in what is now being termed the Panama Papers – which revealed confidential details of individuals' tax-avoidance schemes and implicated 72 heads of state – was originally believed to be the result of an unpatched vulnerability in the widely used open source Drupal content management system.

Critical patches were scheduled to be released on Wednesday to address a number of security issues in Drupal contributed modules used on between 1,000 and 10,000 sites, including several highly critical remote code execution (RCE) flaws. 

In an advisory, the Drupal Security Team advised users to update modules ASAP as "exploits are expected to be developed within hours/days."

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition

Most Read Articles

Log In

  |  Forgot your password?