Published on October 29th, 2015 📆 | 7181 Views ⚑
0Free Web Hosting 000Webhost hacked, 13 Million users impacted
Free Web Hosting 000Webhost company hacked, data belonging to more than 13 Million customers have been leaked online by the attackers.
Another company has suffered a major data breach, this time in the headlines there is the worldâs most popular Free Web Hosting company 000Webhost.
The 000Webhost data breach has exposed more than 13.5 Million records belonging to the customers of the Lithuanian company. The personal data exposed in the attack includes usernames, passwords in plain text, email addresses, IP addresses and last names.
In a message published by 000Webhost on the company disclosed the data breach
[adsense size='1']
âWe have witnessed a database breach on our main server. A hacker used an exploit in old PHP version to upload some files, gaining access to our systems. Although the whole database has been compromised, we are mostly concerned about the leaked client information.â
âEarlier this week, I was contacted by Troy Huntâ states Fax-Brewster from Forbes âHunt informed me heâd been contacted by an anonymous source whoâd passed along a database allegedly belonging to 000Webhost, containing usernames and passwords ostensibly belonging to just more than 13.5 million users.â
âItâs unclear how or when any apparent breach took place. Hunt put me in touch with an anonymous contact who claimed to have knowledge of an attack on 000Webhost in March that used leaked credentials of a 000Webhost admin. FORBES could find no way to verify these claims. Hunt said he was also contacted by a separate source whoâd indicated the database was for sale on unspecified forums for $2,000.â
The Free Web Hosting company 000Webhost has many responsibilities, it first failed to properly protect the data by storing them in clear text, and then repeatedly ignored Troy Hunt who tried to report them what happened.
At the time of writing, the 000webhost.com website is on maintenance has reported in the home page.
âImportant! Due to security breach, we have set www.000webhost.com website on maintenance until issues are fixed. Thank you for your understanding and please come back later.â
[adsense size='1']
In response to the incident, the IT staff at the 000webhost Free Hosting service has changed all customersâ passwords to the random values and implemented encryption (itâs never too late ;-)), but it hasnât notified the incident to the customers alleged impacted in the data breach.
The company has also removed the content uploaded by the hackers once discovered the data breach.
However, 000Webhost said: âWe removed all illegally uploaded pages as soon as we became aware of the [data] breach. Next, we changed all the passwords and increased their encryption to avoid such mishaps in the future.â
000webhost clients have to follow the password reset process to generate a new password for their account.
Gloss