Unauthorized Party Accessed DomainFactory Data


After a person on the company's user forum reportedly claimed to have accessed DomainFactory customer data, the company confirmed that it had been breached by an unauthorized outsider.

On 6 July, a system message reported that, upon learning of the potential breach, the company initiated a detailed investigation, which confirmed that the outsider had gained access to customer data. The message added that the access route had been secured and that the company had contacted all customers and recommended that they update their DomainFactory passwords.

Data protection authorities were notified, and experts have launched an external investigation. “The protection of the data of our customers is paramount and we regret the inconvenience this incident causes, very much,” the company wrote. DomainFactory also assured customers that it is taking measures to prevent similar problems in the future.

The company first learned of the incident on 3 July. According to the information that is currently available, the data landed in the hands of external third parties on 29 January 2018 through a data feed after a system transaction.

Customer names, addresses, email addresses, phone numbers, DomainFactory passwords, dates of birth, bank names and account numbers, and Schufa scores were reportedly some of the information included in the compromised data.

DomainFactory has reportedly taken reasonable steps to address the cause of the data breach by blocking access, disabling suspicious systems, changing all access data of its employees and instructing an external security company to assist in a forensic investigation of its system environment. DomainFactory is trying to quickly take additional security measures to protect customer privacy.

In an 8 July update, the company wrote, “In our important Customer Information release dated July 7, 2018, we have indicated that we currently recommend the removal of all passwords as a precautionary measure. As a result, we have received more inquiries about which accesses should be changed exactly. Please change the following passwords: customer passwords, phone passwords, email passwords, FTP/live disk passwords, SSH passwords and MySQL database passwords.”
