Cloud [SC] Supply Chain

Joomla Third-Party Breach (June 2020)

2020-06-01 [vendor] Open Source Matters

Incident Details

Joomla team discloses data breach. The team behind the Joomla open source content management system (CMS) announced a security breach last week. The incident took place after a member of the Joomla Resources Directory (JRD) team left a full, unencrypted backup of the JRD site (resources.joomla.org) on a private Amazon Web Services (AWS) S3 bucket owned by their own company. Third-party company: Open Source Matters.

Technical Details

Initial Attack Vector: Compromise of third-party service provider / vendor relationship
Vendor / Product: Open Source Matters
Supply Chain Attack: ✅ Confirmed third-party / vendor compromise

Timeline

  1. 2020-06-01 Breach occurred
  2. 2020-06-01 Publicly disclosed