Data Breach

Hostinger disclosed a data breach that affects 14 Million customers

The popular Hosting provider Hostinger disclosed a recent security breach that allowed unauthorized access to a client database.

Hostinger, one of the biggest hosting providers, disclosed a recent security breach that allowed attackers to access a client database.

The security breach took place on August 23 and may have impacted up to 14 million Hostinger customers.

“On August 23rd, 2019 we have received informational alerts that one of our servers has been accessed by an unauthorized third party. This server contained an authorization token, which was used to obtain further access and escalate privileges to our system RESTful API Server*. This API Server* is used to query the details about our clients and their accounts.
*[Latest Edit on 2019-08-25 17:43 UTC]” reads the
announcement published by the company.

“The API database, which includes our Client usernames, emails, hashed passwords, first names and IP addresses have been accessed by an unauthorized third party. The respective database table that holds client data, has information about 14 million Hostinger users.

The attackers have compromised an internal server, where they found an authorization token for an internal API, then used the token to access customers’ information via API calls.

Exposed data included Hostinger usernames, hashed passwords (SHA1), customers’ IP addresses, first and last names, and contact information (i.e. Phone numbers, emails, and home addresses). According to Hostinger, financial data were not exposed in the attack.

In response to the incident, the company reset passwords for all impacted customers, Hostinger clients received the following notification and instructions on how to access their account again.

“We have reset all Hostinger Client passwords as a precautionary measure following a recent security incident.” reads the data breach notification published on the company website. “During this incident, an unauthorized third party has gained access to our internal system API, one of which had access to hashed passwords and other non-financial data about our customers.”

The company determined the affected system and locked out the attackers, the provider has immediately taken down the breached server and the abused API.

At the time of writing, the company is investigating the incident with the help of a team of external forensic experts, it also reported the hack to the authorities.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Hostinger, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Threat actor attempts to sell 30 million customer records allegedly stolen from TEG

A threat actor is offering for sale customer data allegedly stolen from the Australia-based live…

3 hours ago

Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles…

15 hours ago

Threat actors are actively exploiting SolarWinds Serv-U bug CVE-2024-28995

Threat actors are actively exploiting a recently discovered vulnerability in SolarWinds Serv-U software using publicly…

16 hours ago

US government sanctions twelve Kaspersky Lab executives

The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned twelve Kaspersky Lab executives for their…

1 day ago

Experts found a bug in the Linux version of RansomHub ransomware

The RansomHub ransomware operators added a Linux encryptor to their arsenal, the version targets VMware…

2 days ago

UEFICANHAZBUFFEROVERFLOW flaw in Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models

A serious vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC…

2 days ago

This website uses cookies.