{"id":235714,"date":"2017-11-01T18:07:37","date_gmt":"2017-11-01T16:07:37","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=235714"},"modified":"2017-11-01T18:16:48","modified_gmt":"2017-11-01T16:16:48","slug":"hetzner-hacked-sensitive-information-exposed","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/cloud-hosting\/235714-hetzner-hacked-sensitive-information-exposed.html","title":{"rendered":"Hetzner South Africa hacked &#8211; Sensitive information exposed"},"content":{"rendered":"<p>Hetzner\u2019s konsoleH platform has been hacked, exposing customer details, FTP passwords, domain names, and banking details.<\/p>\n<p>The platform is Hetzner\u2019s proprietary control panel, which merges all service administration tools into an integrated management system.<\/p>\n<p>The platform enables users to manage their web space with greater efficiency and accessibility.<\/p>\n<p>The power of konsoleH also means a lot of information about users is stored in a central place, which makes it a target for cyber criminals.<\/p>\n<p>Hetzner said the hackers used an SQL injection vulnerability to gain access to its konsoleH Control Panel database. The vulnerability has since been fixed.<\/p>\n<p>\u201cWhile your konsoleH admin password has not been compromised, we have proactively updated your FTP password, which was exposed,\u201d said Hetzner.<\/p>\n<p>It is imperative that clients update all passwords associated with their Hetzner account immediately, however, including their konsoleH admin password.<\/p>\n<p>The compromised information includes:<\/p>\n<ul>\n<li>Customer details &#8211; name, address, ID number (if provided), telephone numbers, email addresses.<\/li>\n<li>Domain names.<\/li>\n<li>FTP passwords.<\/li>\n<li>Bank account details (cheque\/savings).<\/li>\n<\/ul>\n<h3 class=\"my-4\"><strong>What you should do<\/strong><\/h3>\n<p>Hetzner advised clients to immediately update the following passwords:<\/p>\n<ul>\n<li>All database access passwords. You will need to update your web application database connection strings.<\/li>\n<li>While Hetzner has updated all FTP passwords, users will need to reset this password to gain access.<\/li>\n<li>If a user has made use of an additional FTP user, these passwords will have to be updated manually.<\/li>\n<li>All email passwords (if you have not updated this in the last 6 months).<\/li>\n<li>Hetzner recommended users update their konsoleH Control Panel login password (it was not compromised).<\/li>\n<\/ul>\n<p>\u201cShould you have provided konsoleH access details to any other parties, please advise them to update their login details.&#8221;<\/p>\n<p>Mailbox users are able to update their passwords via Hetzner\u2019s webmail interface.<\/p>\n<h3 class=\"my-4\">Now read:\u00a0<a href=\"https:\/\/mybroadband.co.za\/news\/security\/234790-massive-south-african-data-leak-now-over-75-million-records-at-risk.html\">Massive South African data leak \u2013 Now over 75 million records at risk<\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"<p>Hetzner\u2019s konsoleH platform has been hacked.<\/p>\n","protected":false},"author":23,"featured_media":143803,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25,27],"tags":[35,1065,47042],"class_list":["post-235714","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud-hosting","category-security","tag-headline","tag-hetzner","tag-konsoleh"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/235714"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/23"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=235714"}],"version-history":[{"count":2,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/235714\/revisions"}],"predecessor-version":[{"id":235718,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/235714\/revisions\/235718"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/143803"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=235714"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=235714"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=235714"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}