Domainfactory, a GoDaddy web hosting company, has been hacked

Share this…

The hosting company Domainfactory has closed its forums after hackers posted messages claiming to have violated its infrastructure.

A data breach has recently been confirmed at the German web hosting company Domainfactory. The company, in possession of GoDaddy since 2016, has eliminated its forums after they began to appear messages of alleged hackers claiming to have intervened Domainfactory’s infrastructure.

The company notified the data violation to its customers and asked them to change their passwords.

“Last July 3rd, an unknown person at the Domainfactory forum claimed to have accessed to the company’s customer data. We performed pentest and discovered that a non-authorized third party managed to access client’s data. The information is now secured”, mentioned company spokespersons. “We have communicated customers and recommended them to update their Domainfactory passwords”.

The company also claims to have notified the data protection authorities and pentest experts in charge of the investigation; adding that the protection of the data of its clients is paramount and regretting the inconvenience that the incident may have caused.

Domainfactory staff learned of the incident on the afternoon of July 3, 2018, the security team estimates that the vulnerability has been exploited since January 28, 2018.

A first investigation and pentest confirms that unauthorized third parties may have had access to several categories of data, including the customer’s name, company name, customer number, address, email, phone numbers, and Domainfactory’s passwords.

To face the attackers, the company secured its compromised information security systems.

The hack was revealed by German media, which noticed the strange messages of hackers posted on the forums.

Particularly, German journalist Fabian Scherschel published that he found a thread on Twitter, before the breach’s public disclosure, which stated that “Domainfactory customers asked hackers about their data because the company did not respond to their requests”.

According to reports from the International Institute of Cyber Security, hackers behind the attack may have used a variant of the Dirty Cow vulnerability to accomplish the data breach.