Hetzner South Africa HACKED – customer details compromised
(005875.811-:E-000062.43:N-AC:R-SU:C-30:V)
[SQL Injection is the most dangerous form of hacking in my opinion, and I’ve had my websites hacked before. I’ve also seen my logs filled with attempts to hack by SQL Injection. When I worked for the bank I had to harden 2 of my systems against SQL Injection. Its a particularly nasty form of hacked. They can delete, damage or change your data without you knowing (unless its actually deleted outright). So there you have it. Heztner South Africa hacked. I wonder how that occurred. Jan]
https://techcentral.co.za/wp-content/uploads/2017/10/padlock-2156-1120-768×[email protected]
![https://techcentral.co.za/wp-content/uploads/2017/10/padlock-2156-1120-768×[email protected]](https://techcentral.co.za/wp-content/uploads/2017/10/padlock-2156-1120-768x399@2x.jpg){kind=link}
A key database operated by large South African data centre operator and website hosting service provider Hetzner has been hacked, and the company is advising clients to change their passwords immediately.
Hetzner, which is based in Midrand in Johannesburg, advised clients on its website on Wednesday that earlier in the day it had become aware of “unauthorised” access to its konsoleH control panel database.
“We can confirm that a SQL injection vulnerability was identified within konsoleH, which has been corrected,” it said. “We shut down access to konsoleH during the course of the day while investigations proceeded.”
We can confirm that a SQL injection vulnerability was identified within konsoleH, which has been corrected
Although konsoleH administrator passwords have not been compromised, Hetzner has “proactively updated all FTP passwords which were exposed”.
“It is imperative that customers update all passwords associated with their Hetzner account immediately, including konsoleH admin passwords,” it said.
The following details were exposed:
Customer details (name, address, telephone numbers and e-mail addresses);
Domain names;
FTP passwords;
Bank account details (cheque/savings) — no credit card details were stored.
While FTP passwords have been updated, customers will need to reset this password to gain access. If they have made use of an additional FTP user, they will need to manually update these passwords via konsoleH.
Forensic investigation
“Should you have provided konsoleH access details to any other parties, please advise them to update their login details as soon as possible. Mailbox users are able to update their passwords via our webmail interface.”
Hetzner said it has appointed external forensic investigators, who are already on site, to investigate the breach.
“We understand that this event has shaken your confidence in us. It is our earnest commitment to provide you with a hosting service you can trust.” — © 2017 NewsCentral Media
Source: https://techcentral.co.za/hetzner-hacked-customer-details-compromised/77920/
Video: Johnny Rodrigues & Jan: Zimbabwe: Chinese & Black Email spying, Assassination & Mass Graves
I chat to Johnny Rodrigues again who is now in Portugal having fled Zimbabwe in recent years because of threats to the life of him and his family.
Lots of Photos: NAZI Gassings!!
This is a link to the Wayback Machine where you can see a wonderful old website with mountains of photos and articles about the enormous Jewish hoax of the holocaust. NAZIGASSINGS was a wonderful little website in it‘s day. You can still see many photos and stories on this page.
Low IQ & Bad Schools: South Africa: 18 schools get zero matric pass rate
Pretoria No pupils passed the 2010 matric exams at 18 schools, according to figures released by the basic education department on Thursday.