UK Web Hoster Easily Hit by Targeted Attack

Written by

UK web hosting firm has suffered a targeted attack which exposed an unspecified number of customer domain names, it revealed in a letter to customers.

The letter from COO Edwina McDowall claims that malware which was placed onto the firm’s systems by an unknown third party has now been isolated and removed.

In the letter seen by Business Insider, McDowall claims “a list of domain names registered on behalf of our customers was accessed” but then goes on to state that no account details, passwords or personal information belonging to the recipient was taken.

That doesn’t necessarily mean the same is true of all customers, of course, and the firm has been slow to make an official announcement.

In fact, even its attempts to reset customer passwords as a precautionary measure seemed to run into trouble.

Several customers tweeted the firm to ask whether the email they received was genuine, suspecting a phishing attack.

One, @KensalLife, summed up the general mood with this tweet: “Is the data breach notification i received from you genuine? Seemed a bit ‘phishy’. Couldn't find anything on your website...”

Another customer, @mspann, asked “has your support email been hacked? I'm getting responses from it in bad English.” claims on its website that it has “100% UK based support” with all “customer service staff trained and based in-house.”

The firm claims to be one of the UK’s largest domain name and web hosting companies, with over 100,000 customers in 150 countries around the world. Ironically it makes a great deal of its “first-class customer support.”

Mimecast cybersecurity strategist, Orlando Scott-Cowley, claimed that ‘fabric of the internet’ organizations are becoming an increasingly popular target for hackers. Internet oversight body Icann was hacked earlier this year, for example.

“On the surface this could simply be hackers looking for personal or credit card data, but the deeper impact of domain name registration details is significant and should not go ignored,” he added.

“Once the security of the nuts and bolts of the internet is put at risk, we will have much bigger challenges to face.”

Photo © NicoElNino

What’s hot on Infosecurity Magazine?