Hackers hit Hetzner
Hetzner yesterday informed subscribers that they suffered a network intrusion which may have allowed unauthorised access to their hosting management systems.
Hetzner proactively addressed the issue, informing hosting subscribers of the security breach and asking them to update their passwords to avoid potential future problems.
It is still unclear how the hacker gained access to Hetzner’s systems. “Despite intensive investigation we are still unable to determine how the intruder gained access to our network. Hetzner has changed all access details. While there have been further attempts by the intruder to gain access, we can confirm that they have been unsuccessful,” Hetzner said.
“This unfortunate incident has occurred despite the various controls we have in place to prevent such a breach. We have taken and will continue to take appropriate and reasonable technical measures to prevent the unauthorised access to our systems and your data.”’
“We’d like to reassure you that our systems are protected against all known vulnerabilities. Our System Administrators have ensured that our servers are up to date with all relevant security patches, the latest of which was released on 17 September and applied on 18 September,” said Hetzner.
“Added to this, a glibc vulnerability was announced on Monday, 18 October and while a vendor security patch is not available, our team has implemented a work-around which has meant that this vulnerability can not be exploited on our servers.”
“The Linux kernel vulnerability announced on Tuesday, 19 October does not affect our kernel version. As part of our investigation, the team ran exploits against all current published vulnerabilities and was unable to penetrate our server security systems,” Hetzner said.
Hackers hit Hetzner << Comments and views
Loading ...