Hetzner, which is a well-known web hosting provider, whose South African branch has now suffered its second security breach, in the past year.
The company’s customers have reported the same to ZDNet. The report according to the affected users, who sent the email said that the second breach of security only came into notice on last week Friday, i.e. the 5th of October.
It was on the 5th of October that the technical team of the company saw some suspicious activities in the company’s database. The web hoster said that a full and comprehensive audit along with the security team and specialists of cybersecurity, is very much underway to see that the systems are very much secure.
It has been known and said by the company that the hacker tried to access the customer details. This includes the names, email addresses, phone numbers, residential addresses, identity numbers, bank account numbers and also VAT numbers too. These types of data are mostly used for the purpose of invoicing. However, it has been told by the company that the hackers have not gained access to the details of payment cards, passwords, email content as well as users’ websites.
Even though no data which are highly sensitive have been let go of, the company do claims to keep an eye out for phishing scams as well. For good reasons, the company does believe that hackers do may try to use the data they’ve stolen as weapons against the customers. With the use of the data that the hackers have stolen, the hackers may try to send phishing emails to the customers.
And the customers have to keep in mind about this fact. These phishing emails will try to extract more data from the users, which were not retrieved during the breach. The data include account logins or debit or credit card information. This incident has clearly marked the second breach in the past 12 months. The first attack was in November 2017. And this is why you should always go with good Hosting Services.
The details of the first hack are available in the company’s own blog. It has been told by the company that the attackers have used an SQL injection vulnerability, in order to gain access into the company’s main console database, known as the ‘konsoleH’.
It is being reported that almost data of 40,000 customers have been affected by the security breach. There has been no response from the company’s spokesperson yet. Also, it should be noted that South African Hetzner is not the same company as the German company, Hetzner Online. The spokesperson of Hetzner Online said that systems in Germany are set up and handled in a much different way, than Hetzner South Africa. The German counterpart Hetzner Online also suffered breaches in 2011 and 2013.
The company has been under heavy criticism due to the latest security breach, including the notification email, which didn’t highlight the seriousness of the issue. The users of the company’s services also criticized the company for getting hacked, even after claiming an increase in security measures and also had undergone an audit after the latest breach.