Thomas Fox-Brewster reports:
A website run by the Ku Klux Klan has been downed as part of what appears to be a significant breach of its host and security provider Staminus. The company, which promises to protect users from distributed denial of service (DDoS) attacks, was exposed by a crew going by the name of FTA, which leaked data online yesterday.
Dumped information included customer contact details and password hashes (the result of taking the plain text password and running it through a one-way algorithm to garble the text). The hackers also claimed to have accessed unencrypted credit card details, though FORBES could not verify that claim.
Read more on Forbes.
This is one of those situations where if you generally abhor hackers dumping personal information, but you hate the KKK or the organization whose member data got hacked, you may be tempted to silently cheer that the data were dumped.
Slippery slope.
Update: See also Brian Krebs’s coverage of this incident. This was a big breach and data dump, also impacting Intreppid (also offline as of this posting). Brian notes:
The authors of this particular e-zine indicated that they seized control over most or all of Staminus’s Internet routers and reset the devices to their factory settings. They also accuse Staminus of “using one root password for all the boxes,” and of storing customer credit card data in plain text, which is a violation of payment card industry standards.
Staminus so far has not offered any additional details about what may have caused the outage, nor has it acknowledged any kind of intrusion.
Update 2: Staminus has released a statement:
To follow up on our communication from yesterday evening regarding the system outage, we can now confirm the issue was a result of an unauthorized intrusion into our network. As a result of this intrusion, our systems were temporarily taken offline and customer information was exposed. Upon discovering this attack, Staminus took immediate action including launching an investigation into the attack, notifying law enforcement and restoring our systems.
Based on the initial investigation, we believe that usernames, hashed passwords, customer record information, including name and contact information, and payment card data were exposed. It is important to note that we do not collect Social Security numbers or tax IDs.
While the investigation continues, we have and will continue to put additional measures into place to harden our security to help prevent a future attack. While the exposed passwords were protected with a cryptographic hash, we also strongly recommend that customers change their Staminus password.
I fully recognize that our customers put their trust in Staminus and, while we believe that the issue has been contained, we are continuing to take the appropriate steps needed to safeguard our clients’ information and enhance our data security policies.
There is also an FAQ on the incident with the statement, but it doesn’t really add much.
No offense, but of course Forbes focused on the KKK. Hackers steal 30GB from anti-DDoS company, but Forbes puts KKK in the headline because they stole 200MB from them. Press these days…..
No offense taken at all. Most media sites go for headlines that they think will attract more readers.
I fully agree with this. There was a helluva lot more data stolen than just on the KKK.
This was fake. Look at the ezine: in the MySQL queries he misspelt “where” and it still outputted results. I tried to post this on Krebs’s comment section but he deleted the comment.