British Hosting Firm Admits Pakistani Hack
A British web hosting firm has been forced to warn its customers about a hacking intrusion into its billing system
A Leeds-based web hosting firm has informed the Information Commissioner’s Office (ICO) its systems have been compromised by hackers.
On Saturday morning, John Strong, the managing director of eUKhost Ltd, posted an announcement on its website, warning that the billing system of eUKhost had been compromised.
Pakistani hackers
“Although the method of the compromise remains unclear, we can confirm that an administrator level login was compromised and an IP address added to an allow list to allow a successful login,” Strong warned. “We are still investigating how this compromise occurred and we can’t currently see any evidence of a database dump. However, with our billing system compromised on any level, passwords stored within and not changed since signup can potentially be compromised.”
TechWeekEurope spoke to eUKhost’s Strong, who confirmed the hack had actually taken place back in February, but the company only became aware of the intrusion on Friday after the hacking group responsible for the hit revealed the intrusion on YouTube.
Strong also confirmed to TechWeekEurope that the Pakistani hacking group known as UrduHack was responsible for the intrusion.
But how did they gain access? “We believe they used an old piece of testing software that was not properly shut down, and this allowed the hackers to elevate certain privileges and allowed them to gain access,” Strong said.
Not Malicious
But Strong admitted the hack could have been a lot worse, if the hackers had had malicious intent.
“The hacking group responsible is not the type to cause trouble with individuals,” said Stong. “They are the kind of hackers that just want to prove they can do something. Their motive was not financial, and they were not interested in compromising our systems, they just wanted to prove they could do it,” he said.
Stong confirmed that eUKHost has now moved its billing system to a new server and changed the encryption algorithm. He also confirmed that payment details do not appear to have been compromised.
Strong also admitted that eUKHost had been lucky this time and was guilty of not following the advice it usually gives its own customers.
“It has not been pleasant,” admitted Strong. “But it could have been a lot worse if it had been a different type of hacker. They could have done a lot of damage so we have been lucky. We are also a bit guilty of not following our own advice that we give to our customers, so we are a little embarrassed that we have not practised what we preached.”
As a company, eUKHost is based in the UK, but it has 21,000 customers worldwide and hosts millions of websites. It leases space in data centres in Maidenhead and Milton Keynes.
Think you know security? Try our quiz!