Cloud Database Exposes 800M+ WordPress Users’ Records
Security researcher Jeremiah Fowler explained that the trove was left online with no password protection by US hosting provider DreamHost. The 814 million records he found were traced back to the firm’s managed WordPress hosting business DreamPress and appeared to date back to 2018. In the 86GB database, there was purportedly admin and user information, including WordPress login location URLs, first and last names, email addresses, usernames, roles, host IP addresses, timestamps, and configuration and security information.
