While I was writing about the Timehope security breach, another incident is making the headlines, the victim is the German hosting company Domainfactory.
The hosting company, that was owned by GoDaddy since 2016, has taken down its forums after hackers posted messages informing visitors that they have breached into the Domainfactory infrastructure.
The company notified the data breach to the customers and asked them to change their passwords.
“On July 3, 2018, a person in the DomainFactory forum claimed access to DomainFactory customer data. We initiated a detailed investigation and found that customer data was accessed by an outside party without authorization. The access route is now secured.” wrote a company representative.
“We contact all customers with the recommendation to update their DomainFactory passwords. Instructions for changing your passwords can be found here:
We have notified the data protection authority and commissioned external experts with the investigation. The protection of the data of our customers is paramount and we regret the inconvenience this incident causes, very much.”
The company notified the data protection authorities and is investigating the hack with the help of external experts.
The Domainfactory staff first learned of the incident in the early evening of July 3, 2018, the security team dated the data breach as January 28, 2018.
A first investigation confirmed that unauthorized third parties could have had access to the several categories of data, including customer name, company name, customer number, address, E-mail addresses, phone number, DomainFactory phone password, date of birth, bank name and account number (eg IBAN or BIC), and Schufa score.
In response to the attack, the company secured the breached systems.
The hack was disclosed by the German media outlet Heise, that noticed the strange messages of the hackers published on the forums.
The German journalist Fabian Scherschel also posted on Twitter (in German) that he noticed a thread, before public disclosure of the incident, “in which Lauter #Domainfactory customers ask a hacker about their data because DF does not respond to their requests”
— Fabian A. Scherschel (@fabsh) July 7, 2018
According to the Heise, hackers exploited a variant of the Dirty Cow flaw to breach into the systems.
(Security Affairs – Domainfactory, data breach)