Alert ! Godaddy Web hosting server hack



Nordnet Baritof
Nordnet Baritof
  • Technical Writer
  • Entrepreneur
  • Founder and CEO
  • Developer
  • Blogger and IT Analyst
2018-07-10 09:27:00

| Share
| Share
| Share
Alert ! Godaddy Web hosting server hack

Besides Timehop, another data breach was discovered last week that affects users of one of the largest web hosting companies in Germany, DomainFactory, owned by GoDaddy.

The breach initially happened back in last January this year and just emerged last Tuesday when an unknown attacker himself posted a breach note on the DomainFactory support forum.

It turns out that the attacker breached company servers to obtain the data of one of its customers who apparently owes him a seven-figure amount, according to Heise.

Later the attacker tried to report DomainFactory about the potential vulnerability using which he broke into its servers, but the hosting provider did not respond, and neither disclosed the breach to its customers.

In that situation, the attacker head on to the company's support forum and broke the news with sample data of a few customers as proof, which forced DomainFactory to immediately shut down the forum website and initiate an investigation.
 

Attacker Gains Access to a Large Number of Data

DomainFactory finally confirmed the breach last weekend, revealing that following personal data belonging to an unspecified number of its customers has been compromised.

  • Customer name
  • Company name
  • Customer account ID
  • Physical address
  • E-mail addresses
  • Telephone number
  • DomainFactory Phone password
  • Date of birth
  • Bank name and account number (e.g. IBAN or BIC)
  • Schufa score (German credit score)

Well, that's a whole lot of information, which can be used by cybercriminals for targeted social engineering attacks against the customers.

The forum has since been temporarily down, and DomainFactory said that a data feed of certain customer information, accessed by the attacker, was left open to external third parties after a system transition on January 29, 2018.

"We have notified the data protection authority and commissioned external experts with the investigation. The protection of the data of our customers is paramount, and we regret the inconvenience this incident causes, very much," the company said.

 

Change All of Your Passwords


DomainFactory is now advising its users to change passwords for all of the following services and applications "as a precautionary measure," and also change passwords for other online services where you use the same password.

  • Customer password
  • Phone password
  • Email passwords
  • FTP / Live disk passwords
  • SSH passwords
  • MySQL database passwords

Since the compromised data can be used for identity theft and to create direct debits for customers' bank account, users are also recommended to monitor their bank statements for any unauthorized transaction.

So far it is unclear how the attacker got into the Domainfactory servers, but the German publication said the attacker did not give an impression of selling the captured data or leaking it online.

7 best node js frameworks for developers
7 best node js frameworks for developers
7 best node js frameworks for developers

.
Check If Your Accounts One of 30 Million Facebook Accounts Were Hacked
Check If Your Accounts One of 30 Million Facebook Accounts Were Hacked

Out of those 30 million accounts, hackers successfully accessed personal information from 29 million Facebook users, though the company assured that t


Check If Your Accounts One of 30 Million Facebook Accounts Were Hacked
Google following your every move here is how to limit it

As it turns out, even when you opt to limit Google's ability to track your location when using its search function or apps, some of your time-stam


Check If Your Accounts One of 30 Million Facebook Accounts Were Hacked
HOW! Lets Users Modify Group Chats in Whatsapp to Spread Fake News with WhatsApp Flaw

WhatsApp, the most popular messaging application in the world, has been found vulnerable to multiple security vulnerabilities that could allow malicio


Check If Your Accounts One of 30 Million Facebook Accounts Were Hacked
Alert ! Godaddy Web hosting server hack

Besides Timehop, another data breach was discovered last week that affects users of one of the largest web hosting companies in Germany, DomainFa


Check If Your Accounts One of 30 Million Facebook Accounts Were Hacked
Stolen D-Link digital certificate malware

Digitally signed malware has become much more common in recent years to mask malicious intentions. Security researchers have discovered a new ma


Check If Your Accounts One of 30 Million Facebook Accounts Were Hacked
Google Blocks All Chrome Extension Installations From 3rd-Party

You probably have come across many websites that let you install browser extensions without ever going to the official Chrome web store. It's a g



© 2013-2018 best of geeks. All rights reserved.