Leading website builder platform Weebly this week confirmed that its main customer database was hacked.
The security breach, which took place in February this year, was confirmed by the San Francisco based web hosting company in a letter to subscribers earlier this week.
In the leaked notice Weebly said it had “recently became aware that an unauthorized party obtained email addresses and/or usernames, IP addresses and encrypted (bcrypt hashed) passwords for a large number of customers.”
Weebly insisted, however, that credit card details, passwords and customer websites were not compromised in the hack but advised all users to reset their passwords immediately.
A Weebly spokesman told technology news site ZDNet: “At this point we do not have evidence of any customer website being improperly accessed. We do not store any full credit card numbers on Weebly servers, and at this time we’re not aware that any credit card information that can be used for fraudulent charges was part of this incident.”
Weebly’s high-level password encryption, and the fact that it doesn’t store customer financial information on its main servers, prevented wider consequences, security experts said.