One of the largest hosting company in Germany, DomainFacotry owned by GoDaddy, witnessed data breach last week affecting its users. The breach actually took place back in January this year. It was discovered last Tuesday when DomainFactory, in its support forum received a breach note posted by an unknown attacker.
Local internet media Heise reported that the attacker breached company servers to obtain the data of one of its customers who apparently owes him a seven-figure amount.
It was further revealed that the attacker tried to report to the hosting company about the breach and the potential threat using which he broke into their servers. It turns out neither did the hosting provider respond not disclose about the breach to its customers.
Apparently, the attacker decided to head over to the companies support forum where he posted about the breach along with sample data of a few customers as proof. All these events forced DomainFactory the hosting company to immediately shut down the forum website and initiate an investigation.
The attacker gained access to a large number of Data, which was finally confirmed by DomainFactory. DomainFactory revealed that personal data belonging to an unspecified number of its customers has been compromised. The data comprised of Customer name, Company name, Customer account ID, Physical address, E-mail addresses, Telephone number, DomainFactory Phone password, Date of birth, Bank name and account number (e.g. IBAN or BIC), Schufa score (German credit score).
With all this information available it can be used by cybercriminals for targeted social engineering attacks against the customers.
In the meanwhile, the DomainFactory support forum is temporarily down. Later DomainFactory made a statement where it said that a data feed of certain customer information, accessed by the attacker, was left open to external third parties after a system transition on January 29, 2018.
DomainFactory said –
We have notified the data protection authority and commissioned external experts with the investigation. The protection of the data of our customers is paramount, and we regret the inconvenience this incident causes, very much.
DomainFactory has advised all its customers to change passwords ( Customer password, Phone Password, Email Password, FTP / Live disk passwords, SSH passwords, MySQL database passwords) for all their services and applications as a precautionary measure.
As there is also a risk of the stolen data being used for identity theft and to create direct debits for customers’ bank account, all users have been advised to monitor their bank statements for any unauthorized transaction.
It is still not clear how the attacker got access to Domain Factory servers, but the German internet media said the attacker did not show any intention of selling the stolen data or leaking it online.
Also Read: Top 5 Smartphones Available Under Rs15000