The hosting company Domainfactory has closed its forums after hackers posted messages claiming to have violated its infrastructure.
A data breach has recently been confirmed at the German web hosting company Domainfactory. The company, in possession of GoDaddy since 2016, has eliminated its forums after they began to appear messages of alleged hackers claiming to have intervened Domainfactoryâ€™s infrastructure.
The company notified the data violation to its customers and asked them to change their passwords.
â€śLast July 3rd, an unknown person at the Domainfactory forum claimed to have accessed to the companyâ€™s customer data. We performed pentest and discovered that a non-authorized third party managed to access clientâ€™s data. The information is now securedâ€ť, mentioned company spokespersons. â€śWe have communicated customers and recommended them to update their Domainfactory passwordsâ€ť.
The company also claims to have notified the data protection authorities and pentest experts in charge of the investigation; adding that the protection of the data of its clients is paramount and regretting the inconvenience that the incident may have caused.
Domainfactory staff learned of the incident on the afternoon of July 3, 2018, the security team estimates that the vulnerability has been exploited since January 28, 2018.
A first investigation andÂ pentestÂ confirms that unauthorized third parties may have had access to several categories of data, including the customerâ€™s name, company name, customer number, address, email, phone numbers, and Domainfactoryâ€™s passwords.
To face the attackers, the company secured its compromised information security systems.
The hack was revealed by German media, which noticed the strange messages of hackers posted on the forums.
Particularly, German journalist Fabian Scherschel published that he found a thread on Twitter, before the breachâ€™s public disclosure, which stated that â€śDomainfactory customers asked hackers about their data because the company did not respond to their requestsâ€ť.
According to reports from the International Institute of Cyber Security, hackers behind the attack may have used a variant of theÂ Dirty CowÂ vulnerability to accomplish the data breach.