Pi-hole, the network-level ad blocker, has disclosed a data breach that exposed donor names and email addresses through a vulnerability in the GiveWP WordPress donation plugin. The incident is a reminder that a site's attack surface includes every third-party plugin that touches user data, not just the first-party code.
Originally built for Raspberry Pi single-board computers, Pi-hole now runs on a wide range of Linux systems, on dedicated hardware or in virtual machines. It works as a DNS sinkhole: queries for known ad and tracking domains are answered by Pi-hole itself, so that content never reaches users' devices.
Pi-hole learned of the breach on Monday, July 28, when several donors reported receiving suspicious emails at addresses they had used only for donating. Spam arriving at a single-purpose address is a strong signal that the address was harvested from the system it was given to, in this case the donation page.
In a post-mortem published on Friday, Pi-hole explained that the breach affected people who had used the donation form on its website to support ongoing development: their names and email addresses were exposed to anyone who inspected the page's source code. The exposure was caused by a vulnerability in the GiveWP plugin.
No authentication or special access rights were needed to read the data. Pi-hole has not said how many people were affected, but the breach notification service Have I Been Pwned has added the breach to its database and puts the number at nearly 30,000 donors; 73% of the exposed email addresses were already in the service's database from earlier breaches.
No Financial Data Compromised
Pi-hole stressed that no financial information was exposed. Credit card details and other payment data are processed directly by the payment gateways Stripe and PayPal rather than by the Pi-hole site, so they were outside the scope of the vulnerability. The Pi-hole software itself was not affected.
“We emphasize in the donation form that a valid name or email address is not a requirement; it merely serves the function of allowing users to oversee and manage their donations,” Pi-hole stated. “Crucially, the Pi-hole product does not feature in this breach. Users with Pi-hole installed on their networks need not take any action.”
GiveWP released a patch shortly after the vulnerability was reported on GitHub, but Pi-hole was critical of the developer's response: it took 17.5 hours to notify users, and Pi-hole considered that notification inadequate in conveying that donor names and email addresses may have been exposed.
Pi-hole has apologized to the affected donors and acknowledged the damage the lapse may do to its own reputation. "Although this vulnerability was not predictable, we acknowledge our responsibility for the subsequent data breach," it wrote.
"The names and email addresses of all individuals who ever donated via our donation page were laid bare for the world to see, accessible to anyone knowledgeable enough to right-click and select 'View page source.' Within a matter of hours following the report, a patch was deployed, resulting in the release of version 4.6.1," Pi-hole wrote in its post-mortem.
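An exposure like the one described above, records readable in the raw page source, is something a site owner can test for directly instead of waiting for a plugin vendor's advisory. The script below is an added example, not Pi-hole's or GiveWP's code, and the HTML it scans is constructed to mimic a page whose inline script serializes donor records; it does not reproduce GiveWP's markup or the actual flaw. It scans the raw source rather than the rendered DOM (so inline `<script>` data is included), undoes HTML-entity obfuscation such as `&#64;`, and flags every address that is not on a list of contacts the site deliberately publishes.

```python
import html
import re

# Constructed sample page (not real GiveWP output): a donation page whose
# inline script embeds a list of donor records. Only the "support" address
# and the form placeholder are meant to be public.
SAMPLE_HTML = """<!doctype html>
<html><head><title>Donate</title>
<script>
window.donationFormConfig = {"currency": "USD", "donors": [
  {"name": "Alice Example", "email": "alice@example.org"},
  {"name": "Bob Example", "email": "bob.smith@example.net"}
]};
</script></head>
<body>
<h1>Support development</h1>
<p>Questions? Write to support&#64;example.com.</p>
<form action="/donate"><input name="email" placeholder="you@example.com"></form>
</body></html>
"""

# Deliberately published addresses for this (constructed) site.
PUBLISHED_CONTACTS = {"support@example.com", "you@example.com"}

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
SCRIPT_RE = re.compile(r"<script\b[^>]*>(.*?)</script>", re.IGNORECASE | re.DOTALL)


def find_emails(page_source: str) -> dict:
    """Return e-mail addresses found anywhere in the raw page source, split by
    whether they sit inside an inline <script> block (where serialized
    server-side data usually lands) or in the visible markup."""
    decoded = html.unescape(page_source)  # turn &#64; / &commat; back into '@'
    in_scripts = set()
    for m in SCRIPT_RE.finditer(decoded):
        in_scripts.update(EMAIL_RE.findall(m.group(1)))
    everywhere = set(EMAIL_RE.findall(decoded))
    return {"script": sorted(in_scripts), "markup": sorted(everywhere - in_scripts)}


def check_page(page_source: str, allowlist: set) -> list:
    """Return every address in the source that the site did not intend to
    publish. Anything in this list is a leak candidate that a reviewer must
    explain or remove; an empty list means the page passes the check."""
    found = find_emails(page_source)
    return sorted(a for a in found["script"] + found["markup"] if a not in allowlist)


if __name__ == "__main__":
    # Usage: fetch the page with curl (or urllib) and pass the raw body here.
    # The constructed sample is used so the example runs offline.
    for where, addrs in find_emails(SAMPLE_HTML).items():
        print(f"{where:7s} {addrs}")
    leaked = check_page(SAMPLE_HTML, PUBLISHED_CONTACTS)
    print("leak candidates:", leaked)
```

Run this against the raw response body (for example `curl -s https://your-site/donate/`), not against text copied from the browser window: the donor records in the sample are invisible on the rendered page and only show up in the source, which is exactly the kind of exposure the post-mortem describes. Treat any hit outside the allowlist as a finding to investigate, since a regular expression cannot tell a leaked record from a legitimately published one.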
"We assume full responsibility for the software we deploy. Our trust in a widely used plugin has been compromised," Pi-hole concluded, a statement that applies as much to any site running third-party plugins as it does to Pi-hole and its supporters.
Source link: Bleepingcomputer.com.