NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Attrition Dataloss> 2012-05

[Dataloss] Hosting firm suffers 'innocent' intrusion after billing system hacked

From: security curmudgeon (jerichoattrition.org)
Date: Tue May 01 2012 - 00:11:32 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---------- Forwarded message ----------
From: InfoSec News <alertsinfosecnews.org>

http://www.theregister.co.uk/2012/04/30/eukhost_billing_system_compromise/

By Brid-Aine Parnell
The Register
30th April 2012

Web-hosting firm eUKHost has been hacked by Pakistani hacking team
UrduHack, which appeared to have gained access to its billing system.

The company sent out an email to customers and announced on its website
over the weekend that it had spotted the intrusion within the last 24
hours.

"We can confirm that an administrator level login was compromised and an
IP address added to an allow list to allow a successful login," eUKHost
said on Saturday morning.

"We are still investigating how this compromise occurred and we can't
currently see any evidence of a database dump," the firm added.

eUKHost managing director John Strong told The Register that the hackers
had not bothered to cover their tracks by deleting logs and the company
had identified them as Pakistani group UrduHack.

[...]
_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]