Hostinger disclosed a data breach that affects 14 Million customers

The popular Hosting provider Hostinger disclosed a recent security breach that allowed unauthorized access to a client database.

Hostinger, one of the biggest hosting providers, disclosed a recent security breach that allowed attackers to access a client database.

The security breach took place on August 23 and may have impacted up to 14 million Hostinger customers.

“On August 23rd, 2019 we have received informational alerts that one of our servers has been accessed by an unauthorized third party. This server contained an authorization token, which was used to obtain further access and escalate privileges to our system RESTful API Server*. This API Server* is used to query the details about our clients and their accounts.
*[Latest Edit on 2019-08-25 17:43 UTC]” reads the announcement published by the company.

“The API database, which includes our Client usernames, emails, hashed passwords, first names and IP addresses have been accessed by an unauthorized third party. The respective database table that holds client data, has information about 14 million Hostinger users.

The attackers have compromised an internal server, where they found an authorization token for an internal API, then used the token to access customers’ information via API calls.

Exposed data included Hostinger usernames, hashed passwords (SHA1), customers’ IP addresses, first and last names, and contact information (i.e. Phone numbers, emails, and home addresses). According to Hostinger, financial data were not exposed in the attack.

In response to the incident, the company reset passwords for all impacted customers, Hostinger clients received the following notification and instructions on how to access their account again.

“We have reset all Hostinger Client passwords as a precautionary measure following a recent security incident.” reads the data breach notification published on the company website. “During this incident, an unauthorized third party has gained access to our internal system API, one of which had access to hashed passwords and other non-financial data about our customers.”

The company determined the affected system and locked out the attackers, the provider has immediately taken down the breached server and the abused API.

At the time of writing, the company is investigating the incident with the help of a team of external forensic experts, it also reported the hack to the authorities.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Hostinger, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.