In November last year, Hetzner, one of the country’s largest web and data hosting services suffered a major breach that exposed customer details, domain names, FTP passwords and banking details. Following that breach the company said it was committed to being a trustworthy hosting service.
“We understand that this event has shaken your confidence in us. It is our earnest commitment to provide you with a hosting service you can trust,” Hetzner said then.
They have, unfortunately, failed in that endeavour. Yesterday, Heztner confirmed via email that another major data breach, once again exposing important details like names, ID numbers, addresses, phone numbers and even VAT numbers. All information that would make it relatively easy for a savvy social engineer to steal and abuse an identity.
- Data that may have been exposed:
- Name and email address
- Phone number(s)
- Address details
- Debit Order bank account details such as your bank account number. This information is readily available and often provided for invoice purposes.
- Identity number
- VAT number
Data that was NOT exposed:
- Credit card details – this information is not stored on any of our systems
- Passwords and login credentials
- Website and email content
Hetzner says that the breach occurred on Friday October 5, but that the company “acted swiftly, working around the clock, to patch the vulnerability from further coordinated attacks.” The company also suggests that o action need be taken on users’ part, while committing once again to increase security.
“Over the past year, we have significantly increased our measures to harden our systems against possible attack. This includes regular penetration testing and a comprehensive audit by independent cyber security specialists, with a dedicated team always working to strengthen our systems and the security of your data.”
“We can reassure you that your data security remains our top priority and that we take swift and decisive action to address threats whenever they arise,” said Hetzner.
Last Updated: October 10, 2018