Tuesday, May 13, 2025
HomeData BreachHostinger Hacked - Hackers Gained Access to the 14 Million Customers Internal...

Hostinger Hacked – Hackers Gained Access to the 14 Million Customers Internal Systems Data

Published on

SIEM as a Service

Follow Us on Google News

Hostinger announced a major data breach that affected nearly 14 million customers, and it reset all the client’s password as a precaution measures.

Hostinger is one of the leading web hosting services provider and Internet domain registrar that provide services over 29 million users in 178 countries

cybercriminals bypass the Hostinger’s internal networks, and gained unauthorized access to internal system API which allows attackers to access hashed passwords, and some of the other sensitive data.

- Advertisement - Google News

Hostinger said that there is no financial data involved this security breach and the vulnerable systems access has been terminated.

Hackers Gained the Internal System Access

Hostinger received an alert on August 23rd, 2019 that indicates unauthorized third access to one of their servers which contains an authorization token.

The token has allowed access and escalates the privilege to system RESTful API Server, which is used to query the details about our clients and their accounts.

According to Hostinger press release report “The API database contains various sensitive customers data including Client usernames, emails, hashed passwords, first names and IP addresses and the database table contains the information about 14 million Hostinger users.”

There is no financial data such as credit/debit card data involved with this incident since the Hostinger using third-party payment providers for the payment process for its services.

After they learned this incident, Hostinger has been reset all the customer’s password and sent an email to all the customers to reset the password.

Other than this, there are no other partners websites, domains, hosted emails are affected.

The company started the investigation with security exports, internal/external investigators to analyze the incident to increase the security protocols and learn the motivation of this breach and apply the strong security measures to prevent from the future Cyber attacks.

Hostinger advised it’s customers that don’t use the same passwords on multiple service providers across the web and to generate strong unique passwords with Password Manager.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and Hacking New updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Lumma Stealer Upgraded with PowerShell Tools and Advanced Evasion Techniques

Sophos Managed Detection and Response (MDR) in September 2024, the notorious Lumma Stealer malware...

New Noodlophile Malware Spreads Through Fake AI Video Generation Platforms

Cybercriminals have unleashed a new malware campaign using fake AI video generation platforms as...

Kimsuky Hacker Group Deploys New Phishing Techniques and Malware Campaigns

The North Korean state-sponsored Advanced Persistent Threat (APT) group Kimsuky, also known as “Black...

APT37 Hackers Use Weaponized LNK Files and Dropbox for Command-and-Control Operations

The North Korean state-sponsored hacking group APT37, also known as ScarCruft, launched a spear...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Cyberattackers Targeting IT Help Desks for Initial Breach

Cybercriminals are increasingly impersonating IT support personnel and trusted authorities to manipulate victims into...

Nomad Bridge Hacker Apprehended in Connection with $190 Million Heist

Alexander Gurevich, a 47-year-old dual Russian-Israeli citizen, was arrested last Thursday at Ben-Gurion Airport...

LockBit Ransomware Group Breached: Internal Chats and Data Leaked Online

The notorious LockBit ransomware group, once considered one of the world’s most prolific cyber...