Oh, it is good.

https://twitter.com/hashtag/ParlerLeaks

https://twitter.com/hashtag/parlerhack

Post any good finds.

Best explanation I've seen why this is a big deal.

WordPress Config file being accessible is a big yikes. Gives you the destination for the DB as well as the username and password to sign into it. MySQL export and anything not using MD5 Hash is visible right away - the rest? Decrypt.

Soon as the DB has been exported, game over.

https://twitter.com/IckleIzu/status/1331401417186299909

  • DasRav [none/use name]
    ·
    4 years ago

    Yes it is extremely possible to make things secure. Not 100% secure because math is complicated, but functionally so.

    It's just not trivial to do so. Which is why this happened.