British Hosting Firm Admits Pakistani Hack

A Leeds-based web hosting firm has informed the Information Commissioner’s Office (ICO) its systems have been compromised by hackers.

On Saturday morning, John Strong, the managing director of eUKhost Ltd, posted an announcement on its website, warning that the billing system of eUKhost had been compromised.

Pakistani hackers

“Although the method of the compromise remains unclear, we can confirm that an administrator level login was compromised and an IP address added to an allow list to allow a successful login,” Strong warned. “We are still investigating how this compromise occurred and we can’t currently see any evidence of a database dump. However, with our billing system compromised on any level, passwords stored within and not changed since signup can potentially be compromised.”

TechWeekEurope spoke to eUKhost’s Strong, who confirmed the hack had actually taken place back in February, but the company only became aware of the intrusion on Friday after the hacking group responsible for the hit revealed the intrusion on YouTube.

Strong also confirmed to TechWeekEurope that the Pakistani hacking group known as UrduHack was responsible for the intrusion.

But how did they gain access? “We believe they used an old piece of testing software that was not properly shut down, and this allowed the hackers to elevate certain privileges and allowed them to gain access,” Strong said.

Not Malicious

But Strong admitted the hack could have been a lot worse, if the hackers had had malicious intent.

“The hacking group responsible is not the type to cause trouble with individuals,” said Stong. “They are the kind of hackers that just want to prove they can do something. Their motive was not financial, and they were not interested in compromising our systems, they just wanted to prove they could do it,” he said.

Stong confirmed that eUKHost has now moved its billing system to a new server and changed the encryption algorithm. He also confirmed that payment details do not appear to have been compromised.

Strong also admitted that eUKHost had been lucky this time and was guilty of not following the advice it usually gives its own customers.

“It has not been pleasant,” admitted Strong. “But it could have been a lot worse if it had been a different type of hacker. They could have done a lot of damage so we have been lucky. We are also a bit guilty of not following our own advice that we give to our customers, so we are a little embarrassed that we have not practised what we preached.”

As a company, eUKHost is based in the UK, but it has 21,000 customers worldwide and hosts millions of websites. It leases space in data centres in Maidenhead and Milton Keynes.

Think you know security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

9 mins ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

2 hours ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

17 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

20 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

21 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

22 hours ago