DomainFactory, a GoDaddy subsidiary and one of Germany’s largest web hosting companies, has suffered a data breach.
The breach, which began in January, was discovered on July 3 when the perpetrator posted about it on a DomainFactory forum. The hacker revealed that they had breached the company’s servers in order to gain access to the details of one of its customers, who owed the hacker money.
The attacker claimed that, having obtained the information they were looking for, they tried to report the vulnerability to DomainFactory. However, the company did not respond to their message and did not disclose the breach to customers.
To prove that they had successfully gained access to the data, the hacker included sample customer data in their post on the support forum. In response, DomainFactory shut down the forum website and began an investigation.
A few days later, the company confirmed that a breach had occurred and announced that customer and company names, account IDs, email addresses, physical addresses, dates of birth, telephone numbers, passwords, bank names and account numbers, and credit scores had been compromised.
According to the company, a data feed with this information had been left accessible after a system transition in January.
“We have notified the data protection authority and commissioned external experts with the investigation. The protection of the data of our customers is paramount, and we regret the inconvenience this incident causes, very much,” DomainFactory said.
It is unclear whether any other parties exploited the vulnerability, and the hacker who alerted DomainFactory and its users to the issue has given no indication of intending to leak or sell the data they accessed. However, the implications of a malicious actor having access to this highly sensitive information are severe.
DomainFactory has recommended that users change their passwords and monitor their bank accounts for any unexpected activity.