Hetzner South Africa HACKED – customer details compromised

[SQL Injection is the most dangerous form of hacking in my opinion, and I’ve had my websites hacked before. I’ve also seen my logs filled with attempts to hack by SQL Injection. When I worked for the bank I had to harden 2 of my systems against SQL Injection. Its a particularly nasty form of hacked. They can delete, damage or change your data without you knowing (unless its actually deleted outright). So there you have it. Heztner South Africa hacked. I wonder how that occurred. Jan]

https://techcentral.co.za/wp-content/uploads/2017/10/padlock-2156-1120-768×399@2x.jpg

A key database operated by large South African data centre operator and website hosting service provider Hetzner has been hacked, and the company is advising clients to change their passwords immediately.

Hetzner, which is based in Midrand in Johannesburg, advised clients on its website on Wednesday that earlier in the day it had become aware of “unauthorised” access to its konsoleH control panel database.

“We can confirm that a SQL injection vulnerability was identified within konsoleH, which has been corrected,” it said. “We shut down access to konsoleH during the course of the day while investigations proceeded.”

We can confirm that a SQL injection vulnerability was identified within konsoleH, which has been corrected
Although konsoleH administrator passwords have not been compromised, Hetzner has “proactively updated all FTP passwords which were exposed”.

“It is imperative that customers update all passwords associated with their Hetzner account immediately, including konsoleH admin passwords,” it said.

The following details were exposed:

Customer details (name, address, telephone numbers and e-mail addresses);
Domain names;
FTP passwords;
Bank account details (cheque/savings) — no credit card details were stored.
While FTP passwords have been updated, customers will need to reset this password to gain access. If they have made use of an additional FTP user, they will need to manually update these passwords via konsoleH.

Forensic investigation

“Should you have provided konsoleH access details to any other parties, please advise them to update their login details as soon as possible. Mailbox users are able to update their passwords via our webmail interface.”

Hetzner said it has appointed external forensic investigators, who are already on site, to investigate the breach.

“We understand that this event has shaken your confidence in us. It is our earnest commitment to provide you with a hosting service you can trust.” — © 2017 NewsCentral Media

Source: https://techcentral.co.za/hetzner-hacked-customer-details-compromised/77920/

1 thought on “Hetzner South Africa HACKED – customer details compromised”

Leave a Reply