The web hosting company Hostinger has disclosed that it has experienced a security breach which impacted both its platform and users.
The company revealed in a blog post that a hacker was able to gain access to an internal server where he discovered an authorization token for an internal API. The hacker then used it to make “API calls affecting information about Clients”.
According to Hostinger, the hacker made API calls against a database which contained the personal information of around 14m customers that included their usernames, IP addresses, first and last names, and contact information such as their phone numbers, emails and home addresses. Information about user passwords was also stored on the database but thankfully it was in a hashed format.
Following the security incident, Hostinger decided to forcibly reset the passwords for all users whose accounts had been impacted as the company attempts to discover which of its customers were affected.
The hacker did not obtain any financial data nor were they able to compromise customer sites according to Hostinger.
Following the security breach, the company set up a status page where customers can see up to the minute updates regarding the extent of the incident. Hostinger also said that the breached server and API have both been taken down.
The company provided further information on the steps it has taken following the security breach in a blog post, saying:
“Following the incident, we have identified the origin of unauthorized access and have taken necessary measures to protect data about our Clients, including mandatory password reset for our Clients and systems within all of our infrastructure. Furthermore, we have assembled a team of internal and external forensics experts and data scientists to investigate the origin of the incident and increase security measures of all Hostinger operations. As required by law, we are already in contact with the authorities.”