DomainFactory Confirms Data Breach – Customers Should Change Passwords

As an attempt to satiate their thirst for ‘data’, this time, the hackers have targeted a web hosting company. Last week, a German hosting service DomainFactory confirmed a data breach through an open ticket on its website. According to initial investigations, the hackers secretively accessed the company’s database in January 2018, to pilfer sensitive information.

DomainFactory Confirmed Data Breach Hit Them In January

Last week, DomainFactory confirmed data breach incident that took place in January, 2018. As explained in an open ticket on the firm’s website, an unknown individual contacted the company claiming to have accessed their system. Following this claim, the company immediately began investigations that confirmed unauthorized access to their database and the subsequent data breach.

Explaining the matter, the website ticket reads [translated text],

“The result of an initial investigation was that after a system change that took place at the end of January, certain customer information was unintentionally accessible to third parties via a data feed. This data feed was triggered when customers made changes to their DomainFactory accounts, but they caused system errors when they were saved.”

While the investigations continue, the firm suspects that the breached data may contain almost all of the customers’ information. This includes customers’ personal details, business details, DomainFactory account credentials, bank names and bank account numbers, and Schufa score.

The company explains this speculation in this way [translated text]:

“At the moment, we still cannot determine which customer data the attacker accessed. Therefore, for safety’s sake, we act as if all customers of DomainFactory were affected.”

The Firm Patched The Vulnerability, Yet The Customers Should Remain Vigilant

Following notification of the breach, the officials quickly closed down all attack points. They also initiated investigations about the incident, hired a cybersecurity firm, and reported the data breach to the data protection authorities.

For security purpose, and to prevent any probable further damages, DomainFactory advises its customers to change their account passwords.

“For someone who has been given unauthorized access to your information, it is possible to use your identity or to create direct debits for your bank account or otherwise misuse their information at DomainFactory. As a precaution, we recommend that you change your passwords for your DomainFactory accounts as soon as possible.”

They also urge their customers to vigilantly monitor their bank accounts statements, and to report to the police in case of any suspicious activity.

DomainFactory is a German web-hosting company owned by GoDaddy since 2016.

The present data breach disclosed on July 6, 2018, simply adds to the trail of data breaches that we have been reporting for a couple of weeks.

Let us know your thoughts in the comments section.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients