Hetzner South Africa hacked – Sensitive information exposed
Hetzner’s konsoleH platform has been hacked, exposing customer details, FTP passwords, domain names, and banking details. The platform is Hetzner’s proprietary control panel, which merges all service administration tools into an integrated management system. The platform enables users to manage their web space with greater efficiency and accessibility.
The power of konsoleH also means a lot of information about users is stored in a central place, which makes it a target for cyber criminals. Hetzner said the hackers used an SQL injection vulnerability to gain access to its konsoleH Control Panel database. The vulnerability has since been fixed.
“While your konsoleH admin password has not been compromised, we have proactively updated your FTP password, which was exposed,” said Hetzner. It is imperative that clients update all passwords associated with their Hetzner account immediately, however, including their konsoleH admin password. The compromised information includes:
- Customer details – name, address, ID number (if provided), telephone numbers, email addresses.
- Domain names.
- FTP passwords.
- Bank account details (cheque/savings).
What you should do
Hetzner advised clients to immediately update the following passwords:
- All database access passwords.
You will need to update your web application database connection strings.
- While Hetzner has updated all FTP passwords, users will need to reset this password to gain access.
- If a user has made use of an additional FTP user, these passwords will have to be updated manually.
- All email passwords (if you have not updated this in the last 6 months).
- Hetzner recommended users update their konsoleH Control Panel login password (it was not compromised).
“Should you have provided konsoleH access details to any other parties, please advise them to update their login details.”
Mailbox users are able to update their passwords via Hetzner’s webmail interface.
- ^ Massive South African data leak – Now over 75 million records at risk (mybroadband.co.za)