One of the largest hosters in the world, Hostinger, reports that unknown attackers managed to gain access to the internal server and, possibly, customers’ information. Because of this incident, data leakage could have affected 14 million users.
According to company representatives, the incident took place on August 23, 2019. Having penetrated the server, the hacker found an authorization token there, thanks to which he managed to gain access to the RESTful API and information about 14 million clients, including username, email addresses, hashed passwords, names and IP addresses.“The API database, which includes our Client usernames, emails, hashed passwords, first names and IP addresses have been accessed by an unauthorized third party. The respective database table that holds client data, has information about 14 million Hostinger users”, — report Hostinger specialists.
Currently, an investigation is on its way, but representatives of the hoster are already resetting passwords for affected accounts.
Read also: Neutrino Botnet Seizes Web Shells of Other Hackers
It is emphasized that the attackers did not get to the financial information and did not break user sites.
“Payments for Hostinger services are made through authorized and certified third-party payment providers. It means that we never store any payment card or other sensitive Client financial data on our servers and it has not been accessed or compromised”, — claim in Hostinger.
One of the Hostinger clients who were affected by the compromise contacted the company and asked what kind of hashing algorithm was used for passwords. Hostinger replied that the data was hashed using SHA-1, and now, after resetting the passwords, SHA-2 is used.
The exact number of victims of this incident is not yet known, since the attacker accessed the database through the API, and there were no records of exactly which calls he made. In fact, at present Hostinger experts act basing on worst-case scenario, that is, they assume that the compromise affected all users (although there is no direct evidence of this).
Following the password reset, we urge our Clients to choose strong passwords that are not utilized on other websites. Clients should be cautious of any unsolicited communications that may ask for your login details, personal information or refer you to a website asking for the above-mentioned information. We also strongly suggest to avoid clicking on the links or downloading attachments from suspicious emails.
We remind our Clients not to use the same passwords on multiple service providers across the web and to generate strong unique passwords with password management tools.
User Review
( votes)
I think you wrote in a very good and stunning way.