GoDaddy-owned hosting company Domainfactory hacked

Haythem Elmir

The hosting company Domainfactory has taken down its forums after hackers posted messages claiming to have breached into its infrastructure.

While I was writing about the Timehope security breach, another incident is making the headlines, the victim is the German hosting company Domainfactory.

The hosting company, that was owned by GoDaddy since 2016, has taken down its forums after hackers posted messages informing visitors that they have breached into the Domainfactory infrastructure.

DomainFactory hacked 3.jpeg


The company notified the data breach to the customers and asked them to change their passwords.

“On July 3, 2018, a person in the DomainFactory forum claimed access to DomainFactory customer data. We initiated a detailed investigation and found that customer data was accessed by an outside party without authorization. The access route is now secured.” wrote a company representative.

“We contact all customers with the recommendation to update their DomainFactory passwords. Instructions for changing your passwords can be found here:

We have notified the data protection authority and commissioned external experts with the investigation. The protection of the data of our customers is paramount and we regret the inconvenience this incident causes, very much.”

The company notified the data protection authorities and is investigating the hack with the help of external experts.

The Domainfactory staff first learned of the incident in the early evening of July 3, 2018, the security team dated the data breach as January 28, 2018.

A first investigation confirmed that unauthorized third parties could have had access to the several categories of data, including customer name, company name, customer number, address, E-mail addresses, phone number, DomainFactory phone password, date of birth, bank name and account number (eg IBAN or BIC), and Schufa score.

In response to the attack, the company secured the breached systems.

The hack was disclosed by the German media outlet Heise, that noticed the strange messages of the hackers published on the forums.

The German journalist Fabian Scherschel also posted on Twitter (in German) that he noticed a thread, before public disclosure of the incident, “in which Lauter #Domainfactory customers ask a hacker about their data because DF does not respond to their requests”

According to the Heise, hackers exploited a variant of the Dirty Cow flaw to breach into the systems.

To read the original article


Laisser un commentaire

Next Post

BlackTech APT using stolen D-Link certificates to spread malware

A cyber-espionage group tracked as BlackTech is abusing code-signing certificates stolen from D-Link for the distribution of their malware. Security experts from ESET discovered that an APT group tracked as BlackTech is using code-signing certificates stolen from Taiwanese-based tech firm D-Link and the security company Changing Information Technology Inc. According to the experts, the cyber […]