Data Breaches, Pastes and Ignorance.
000webhost, the Free Web Hosting service, back in October was breached.
Details of the breach is online at Troy Hunt's website by clicking here!
000webhost (hosted by UK Owned Hostinger) was breached by an attacker who supposedly 'used an exploit in an old version of PHP' as a customer of the website, I found this to be particularly scary as my websites are hosted on their servers. (see My Forums)
Since my website is being hosted on their servers, they were locking my account out so they could 'investigate' the problem. And they did. 2 months after they released an email with the subject line:
'Account Data was breached'.
Troy Hunt (a Microsoft MVP for the Technology Security field) reported that
Troy runs a website called 'Have I Been Pwned?' which you can visit by clicking on the words.
On this website, you can enter your email address and then see if you have been (in haxxors words) pwned.
Due to the nature of this attack, Troy cannot give any data out to anyone as per indicated on his blog as 'No, I cannot Share Data Breaches With You' and he goes on to say
Q: I would like a copy of data for my breach
Troy replies with :
A: No, I can't.
Troy is doing this to protect data and breach data as well. I respect him for that as my data was breached. I have changed my passwords in pretty much anything really. iTunes, iCloud, Spotify, Windows Logon, Windows Azure, My Forums and others.
If any more details come out about this breach, I'll update this post.. Thanks for reading,
Aaron.
Oh, and before you close this page, visit Troy Hunt's document covering this. By clicking here
Details of the breach is online at Troy Hunt's website by clicking here!
000webhost (hosted by UK Owned Hostinger) was breached by an attacker who supposedly 'used an exploit in an old version of PHP' as a customer of the website, I found this to be particularly scary as my websites are hosted on their servers. (see My Forums)
Since my website is being hosted on their servers, they were locking my account out so they could 'investigate' the problem. And they did. 2 months after they released an email with the subject line:
'Account Data was breached'.
Troy Hunt (a Microsoft MVP for the Technology Security field) reported that
Every now and then, I get someone contacting me like this:
andHey, approximately 5 months ago, a certain hacker hacked into 000webhost and dumped a 13 million database consisted of name, last name, email and plaintext password
Now this puts me in an awkward position.
Troy runs a website called 'Have I Been Pwned?' which you can visit by clicking on the words.
On this website, you can enter your email address and then see if you have been (in haxxors words) pwned.
Due to the nature of this attack, Troy cannot give any data out to anyone as per indicated on his blog as 'No, I cannot Share Data Breaches With You' and he goes on to say
Q: I would like a copy of data for my breach
Troy replies with :
A: No, I can't.
Troy is doing this to protect data and breach data as well. I respect him for that as my data was breached. I have changed my passwords in pretty much anything really. iTunes, iCloud, Spotify, Windows Logon, Windows Azure, My Forums and others.
If any more details come out about this breach, I'll update this post.. Thanks for reading,
Aaron.
Oh, and before you close this page, visit Troy Hunt's document covering this. By clicking here
Comments
Post a Comment