Hostinger, one of the largest Internet hosting companies, revealed today that its platform was violated.
In a blog post, the company he says that someone (s) hacker (s) have gained access to an internal server. There he found an authorization badge for an internal API, which he used to make "API calls that affect customer information."
The company said the hacker made API calls to a database that stored personal information from about 14 million customers. This information includes Hostinger usernames, customer IP addresses, surnames, and contact information such as phone numbers, emails, and home addresses.
The database also contained user passwords in encrypted form.
So the web hosting company said it decided to reset all passwords on the affected accounts, but also to reveal the affected customers.
The company did not provide an exact number of affected users, but password reset emails began circulating, with several users reporting receiving the messages on Twitter.
The company said the attackers failed to obtain financial data, nor did they breach customer premises.
The incident was discovered on Friday, August 23 and Hostinger created a σελίδα announcing the event.
The company said the bugs have been fixed.
We have assembled a team of internal and external experts and scientists to investigate the origin of the incident and increase the security measures of all Hostinger companies. As required by law, we are already in contact with the authorities.