Web Hosting Provider Suffers Data Breach Second Time in a Year

The South African department of web hosting provider Hetzner suffers yet another data breach, its second one in the course of a year.

In a report dated October 11, 2018, ZDNet explains how the hack came to light; the report reads, “The South African branch of Hetzner, a well-known web hosting provider, has suffered its second security breach in the past year, ZDNet has learned from the company’s customers…. According to an email affected users received this week, this second breach came to light last week, on Friday.”

ZDNet also quotes a statement from Hetzner, which says, “On Friday, 5 October, our technical team uncovered suspicious activity on our database. A comprehensive audit involving our security team and cyber security specialists is underway to ensure that our systems are secure.”

It’s reported that the hacker could access the customer data that’s usually provided for invoicing purposes, namely names, email addresses, phone numbers, addresses, identity numbers, bank account numbers and VAT numbers. As per company sources, the hackers haven’t been able to access data pertaining to payment cards or users’ websites, or passwords and email content. Yet, users have been asked to stay alert and be wary of phishing scams as the hackers could try some mischief again.

ZDNet reports, “While no highly sensitive details were exposed, according to the company, Hetzner did urge users to keep an eye out for phishing scams. The company believes, and for good reasons, that hackers might try to weaponize the data they stole to send customized phishing emails that may trick users into handing over the data they were not able to retrieve from its servers, such as account logins or card information.”

This is the second hack that Hetzner is suffering in the course of one year. The first one happened in November last year, when the company detected unauthorized access to its KonsoleH control panel database. As a result of the SQL injection vulnerability hack, customer names, telephone numbers, email addresses, domain names, FTP passwords, and bank account details had got exposed. The breach had also affected 40,000 customers.

Coming to the second data breach, Hetzner South Africa is yet to give out any details. The ZDNet report states, “. A Hetzner South Africa spokesperson did not respond to a request for comment from ZDNet seeking information about the scope of this second breach. ”

The report further notes, “Hetzner South Africa should not be confused with its German namesake, Hetzner Online”, and adds a comment from a Hetzner Online spokesperson, “We at Hetzner Online are working independently from Hetzner South Africa. We are partner and family connected, but do not share client information/databases. We develop our systems completely separately in Germany”