What caused the Panama Papers hack?

By on
What caused the Panama Papers hack?

A zero-day flaw in Drupal is now being said to be how hackers penetrated the network of law firm Mossack Fonseca and siphoned out more than 11.5 million files, according to The Hacker News.

The theft of around 2.6 terabytes of data in what is now being termed the Panama Papers – which revealed confidential details of individuals' tax-avoidance schemes and implicated 72 heads of state – was originally believed to be the result of an unpatched vulnerability in the widely used open source Drupal content management system.

Critical patches were scheduled to be released on Wednesday to address a number of security issues in Drupal contributed modules used on between 1,000 and 10,000 sites, including several highly critical remote code execution (RCE) flaws. 

In an advisory, the Drupal Security Team advised users to update modules ASAP as "exploits are expected to be developed within hours/days."

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Poll

How do you feel about Telstra's new services play?
Telstra has become a direct threat - we'll only work with other carriers
We can live with this - we'll still use Telstra networks
This is an opportunity for us - customers liked working with Telstra's sub-brands
This changes nothing - Telstra was always a competitor
View poll archive

Log In

Username / Email:
Password:
  |  Forgot your password?