DomainFactory’s compromised data feed leaks out customers details

A German hosting provider Domainfactory has just confirmed a massive data breach which had taken place in January this year. Domainfactory has been a part of the UKs Host Europe group since 2013, they have over 200,000 customers and more than 1.3 million domains.

The company informed its customers about the breach through an official email and through there status page and also asked them to change their login credentials. Although Domainfactory can’t confirm if all of their customers were affected. The company has also asked its users to change their MySQL, SSH, FTP and live disk passwords of their websites as they might have been compromised too.

Customer names, numbers, Physical addresses and dates of birth along with even more sensitive information such as account passwords and bank details are believed to have been leaked too. This makes Domainfactory users highly exposed to fraudulent bank transactions from their accounts and social engineering attacks.

Domainfactory has since asked its users to monitor all bank transactions and accounts and report any suspicious activity to law enforcement.

Domainfactory, on there status page stated

The result of an initial investigation was that after a system change that took place at the end of January, certain customer information was unintentionally accessible to third parties via a data feed.  This data feed was triggered when customers made changes to their DomainFactory accounts, but they caused system errors when they were saved. The information in the data feed included:  customer name, company name, customer number, customer e-mail address, address, telephone number, DomainFactory telephone password, bank name and account number (eg IBAN or BIC), and the Schufa score. The feed did not contain any further payment data. We closed the data feed immediately after discovery.  According to our current state of research, we assume that the data feed was viewed by an individual. This posted on July 3, information about six customers in our forum.

The company’s forums were also taken down after a stranger claimed at the support forum that he had gained access to Domainfactory’s customer database. As proof, he shared internal data of several customers who then confirmed the authenticity of the information. An individual also publicly claimed on twitter to be the hacker responsible for the breach and claimed to have attacked Domainfactory because they allegedly owed him money.

Domainfactory has since informed the concerned authorities about the breach and have brought in external investigators to investigate the breach.

The post DomainFactory’s compromised data feed leaks out customers details appeared first on Appuals.com.