Web hosting provider exposes details of millions of clients in serious security lapse

Data Breach
(Image credit: Shutterstock)

Security researchers have discovered a huge data breach involving a web hosting firm, which may have threatened the privacy of some 63 million individuals. Security researcher Jeremiah Fowler, in collaboration with Secure Thoughts, discovered that an unsecured database hosted by US firm Cloud Clusters had potentially compromised usernames and passwords connected with Magento, WordPress and MySQL.

The exposed database contained records concerning data backups, monitoring, error logging, and more, with emails and passwords displayed in plain text. 

After discovering the breach, Fowler notified Cloud Clusters, which eventually acknowledged the vulnerability before restricting public access. It is not known, however, if the firm informed relevant customers that their credentials could have been compromised.

“It is unclear how long these records were exposed or who else may have had access to this data,” Fowler explained. “As a security researcher, I never circumvent or bypass password protected assets. These records were publically accessible and no hacking was necessary to see 63.7 million records. If a cybercriminal had access to this information it could potentially compromise those sites and e-commerce accounts.”

Still at risk?

Magento is an e-commerce platform, while WordPress is a popular website management system. Users of these platforms could now be at risk of account hacking or being targeted by spear-phishing attempts. The total number of exposed records numbered 63,747,966.

Poor log monitoring is often blamed for exposing sensitive data as it is not considered a core asset. Logs can still contain important data, however, including login attempts, critical transactions, IP addresses and usernames.

For Cloud Clusters, although the security issue has now been patched, it might be a good idea to notify customers that may have been compromised, so they can be on guard against follow-up attacks.

Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.