In the latest data breach, free and widely used hosting service 000webhost has reportedly fallen victim to a massive cyber security threat that has left over 13 million users’ login information in jeopardy. The website provider is currently down and said to be undergoing maintenance to resolve the issue, but this latest attack by hackers only further raises questions about the safety of online information. Silicon Angle News shares several of the breaking details on this tech news story this October 29, 2015.
It might be common nature for many people now to simply use an easy password for all of their digital accounts given our busy lives, but experts continue to warn Internet users of the risks associated with such precarious practice. Hosting site 000webhost confirmed this week that millions upon millions of its users, who are spread across the world, might now be under the threat of having their private information exposed. The firm revealed to news sources earlier this week in a post via social networking site Facebook that the popular company had indeed suffered an intense data breach on its primary server earlier this year.
Information on how the hacker or team of hackers managed to infiltrate the system is still being investigated, but a report provided via ZD NET News shares this afternoon that the digital criminals managed to break into an unpatched version of PHP. They then inserted various forms of malicious information and files onto the server in order to access the service’s main electronic systems. The breached database apparently held email addresses, usernames, and passwords of over 13 million users. Perhaps equally damaging was that all of this information has since been made available online through the dubbed “Dark Web.”
Since the cyber attack, 000webhost has confirmed they managed to locate and delete all harmful files in their database. They then proceeded to “change all the passwords and increase their encryption to avoid such mishaps in the future.” Troy Hunt, a Microsoft MVP connected with Developer Security, also shared this week that the release of these private records to the public is more than just another case of a hacked website, however. He says if websites such as 000webhost continue to allow plain text passwords to exist on their servers instead of encrypting them or hashing such passwords ((at a bare minimum level of protection), hackers have a much easier time simply stealing information.
If anything, this tech news serves as yet another important reminder for Internet users to remember to update their password often, make it a challenging password with numerous characters, and be sure to use different passwords for different websites. In this particular case, Hunt strongly encourages users who had a password on the hacked 000webhost service provider site that used that same password elsewhere to change them immediately. In order to protect our digital identity, such precautions—while tedious—must be taken. Currently, 000webhost has requested all active users to change their passwords for all accounts in light of a new website reset, but the website has been placed on hiatus for server repairs. Lastly, concludes the report, Web users should be careful where they are uploading and storing information, as not all websites have the same levels of cyber security as others.
If you’re one of the 13 million customers who fear your information might be at risk, do what you can now to protect your identity. Tod Beardsley, a security manager for Silicon Angle, had this to add about the data breach: “We know that breaches happen, with some regularity, so I don’t blame 000Webhost for getting compromised, but it’s critical that organizations who suffer a compromise communicate effectively, quickly, and directly to their customer base with steps to protect themselves,” Beardsley said. “Given 000Webhost’s position as a top free web hosting provider, there are undoubtedly thousands and thousands of small companies who rely on 000Webhost for their economic viability, and every one of them is now exposed to casual vandalism.”