Friday, March 29, 2024

Web Hosting Company Domainfactory Hacked – Customers Sensitive Personal Data Leaked

Web hosting company Domainfactory owned support forum has been compromised and hackers leaked personal sensitive data by breaking the customer database.

A stranger who have shared internal data of several customers as a proof and confirmed the data belonged to Domainfactory.

Domainfactory is a German hosting company which is owned by GoDaddy since 2016 and this breach Officially confirmed On 6 July.

The organization initially learned of the episode on 3 July. As indicated by the data that is right now accessible, the information arrived in the hands of outer outsiders on 29 January 2018 through an information feed after a system transaction.

According to the company, On July 3, 2018, a person in the DomainFactory forum claimed access to DomainFactory customer data. We initiated a detailed investigation and found that customer data was accessed by an outside party without authorization. The access route is now secured. We contact all customers with the recommendation to update their DomainFactory passwords.

Domainfactory finally confirmed that, leaked customer data including the following sensitive data.

– Customer name 
– Company name 
– Customer number 
– Address 
– E-mail addresses – Phone 
number 
– DomainFactory Phone password 
– Date of birth
– Bank name and account number (eg IBAN or BIC) 
– Schufa score Please 

Journalist Fabian Scherschel also posted on Twitter, that he was also watching a Twitter thread “in which Lauter #Domainfactory customers ask a hacker about their data because DF does not respond to their requests” (all before Domainfactory’s disclosure).

In our vital Customer Information discharge dated July 7, 2018, we have demonstrated that we as of now removal of all passwords as a prudent measure. As an outcome, we have gotten more request about which gets to ought to be changed precisely. Instructions for changing your passwords can be found here: https://www.df.eu/blog/pw/

– customer password 
– phone password 
– E-mail passwords 
– FTP / Live disk passwords 
– SSH passwords 
– MySQL database passwords 

Also company Said, We have notified the data protection authority and commissioned external experts with the investigation. The protection of the data of our customers is paramount and we regret the inconvenience this incident causes, very much.”

Also Read

How Much a Data Breach Could Cost for Enterprises and what are the Risks Involved

Key Elements and Important Steps to General Data Protection Regulation (GDPR)

Simple & Important Ways to Protect your Business from Cyber Attacks

How To Respond Cyber Incident In your Organization

Website

Latest articles

IT and security Leaders Feel Ill-Equipped to Handle Emerging Threats: New Survey

A comprehensive survey conducted by Keeper Security, in partnership with TrendCandy Research, has shed...

How to Analyse .NET Malware? – Reverse Engineering Snake Keylogger

Utilizing sandbox analysis for behavioral, network, and process examination provides a foundation for reverse...

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles