Drupal Hack: Over the past few days, hackers have compromised at least 12 million websites that have been using Drupal software. In a public service announcement Drupal said attackers had taken advantage of a bug in its widely used software.
The websites use Drupal software to manage web video, text, images and content.
As part of the announcement, Drupal issued a security warning to those users who failed to apply a patch for a bug that was discovered on October 15th and said the sites can ‘assume’ that they were hacked.
In the Drupal Hack announcement that was considered to be “critical”, Drupal’s security team recommended that any site owners who have failed to take action within seven hours of the bug being discovered on 15 October should “should proceed under the assumption” that their site was compromised.
It was estimated that up to 5.1% of the billion or so websites that use Drupal 7 as their content management system (CMS) were affected, meaning the number of sites needing patching could be as high as 12 million. This could consist of the largest Drupal hack episode since its launch.
Anyone who had not yet updated should do so immediately, it warned.
To learn more about Tooit’s Drupal Services, please click here.-