The web hosting provider Hostinger announced that it was forced to reset over 14 million customer logins. The incident occurred on August 23rd when a third party was able to access usernames, hashed passwords, email addresses, first names, and IP addresses. The breach was possible because the affected server had an authorization token that allowed access and privilege escalation that allows queries about clients and their accounts, phone numbers, home, and business addresses. Hostinger forced a password reset in response to this breach for all of its clients. According to the hosting service, financial data and financial websites were not involved. Hostinger uses a third-party payment portal and an investigation showed that it was not affected. The information stolen could be used by attackers to perform several styles of attacks, such as credential stuffing which is where the attacker attempts to use the login credentials on multiple sites in an attempt to access information. Currently, an investigation is underway to pinpoint the breach point and how to secure it properly.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is