Hosting provider Hostinger announced that it reset the login passwords of 14 million of its customers following a recent security breach that enabled unauthorized access to a client database.
It was found that a third party was able to access usernames, hashed passwords, emails, first names, and IP addresses.
The organization reported that an unauthorized party accessed one of their servers and was then able to obtain further access to customer information.
The password reset action is a precautionary measure and Hostinger clients received the notification and details on how to regain access to their account.
TPRM report: https://scoringcyber.rankiteo.com/company/hostinger-international
"id": "hos11213423",
"linkid": "hostinger-international",
"type": "Breach",
"date": "08/2019",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 14000000,
'industry': 'Technology',
'name': 'Hostinger',
'type': 'Hosting Provider'}],
'attack_vector': 'Unauthorized access to a server',
'data_breach': {'number_of_records_exposed': 14000000,
'type_of_data_compromised': ['usernames',
'hashed passwords',
'emails',
'first names',
'IP addresses']},
'description': 'Hostinger reported a security breach where unauthorized '
'access to a client database led to the exposure of 14 million '
'customer records. The compromised data included usernames, '
'hashed passwords, emails, first names, and IP addresses. The '
'organization responded by resetting customer passwords and '
'notifying affected users.',
'impact': {'data_compromised': ['usernames',
'hashed passwords',
'emails',
'first names',
'IP addresses'],
'systems_affected': ['Client database']},
'response': {'remediation_measures': ['Password reset',
'Customer notification']},
'threat_actor': 'Unauthorized third party',
'title': 'Hostinger Data Breach',
'type': 'Data Breach'}