Fasthosts hacked: change your password!

[Dynamoo]

From The The Register:

Fasthosts, "the UK's number 1 web host", has fired off emergency emails telling customers to change all their passwords after police were called in to investigate a major data breach.

The Gloucester-based firm contacted The Reg this morning with a statement. It said: "As the breach could relate to Fasthosts customer data... Fasthosts has subsequently reviewed and updated its security and worked with external security experts to ensure that all data held by Fasthosts is secure.

"As a precautionary measure, Fasthosts has asked its customers to update their passwords. This includes their control panel, email, FTP, and database passwords, all of which can be changed via the customer control panel. Fasthosts has now implemented customer password encryption to further protect customer data."

More here.

[John Jupp]

Hate it but a client uses them so everything is being altered. Cheers for the heads up.

[tbp]

If anyone has an account on fasthosts, I would advise them to keep an eye on their credit card / bank details, as these used to be held unencrypted along with the passwords.

[John Jupp]

That shall only apply to those with webhosting and not ordinary website customers obviously as we all I am sure do not keep such details ourselves but use third party payment providers.

[gadget]

Is this just customer login details or FTP as well? .. Sorry, didn't read the quote above.

"Fasthosts has now implemented customer password encryption to further protect customer data."

Makes you wonder what security that had before.

[tbp]

Im not sure if they still do, but I was reliably informed that they used to keep credit card details in their database, in clear text with full details. This was for anyone who had an account with them, whether on a shared or dedicated server.

If someone has got the passwords of all their accounts, it means someones got into their backend, where the credit card details are stored as well.

[ian-d]

Has this affected ukreg customers too, because thinking about it, the only place i have my debit card stored is on ukreg for domain renewals! That might be where my £1.5k was spent? Any thoughts? If it is, i'll be sueing them.

[SimonDance]

Thanks for the heads up -

I've also got some domains with Ukreg and have changed my password and removed my bank details just to be on the safeside...

[ian-d]

I've emailed them an official correspondance asking whether ukreg customers have been affected, and when this breach took place. If its prior to 2 weeks ago, then i might be in a position to make a claim against them for the theft of my card details!

No point me changing them on their site now, the card was terminated!

[getvisible]

yeh - I just had the email through too. Thankfully I don't use them for any of my major sites. But still a concern!

[ian-d]

Here's part of the response to my email asking if it could be the reason for my debit card being use fraudulently...

Fasthosts has been, and continues , working with credit card companies on this incident. If there is any risk to your payment details, you will be contacted by your bank or credit card company.

Not sure that actually means anything, and in the meantime that might be the reason why i had money robbed from my account. Might of course be completely unrelated, but is very strange and somewhat of a coincidence.

[gadget]

On the basis that this has already happened, is there any point in deleting credit card details?

[ian-d]

I wouldn't have thought so really and the email from them (only just received a few mins ago) doesn't suggest to change them. I have however just phoned them and they basically told me nothing as its a 'criminal investigation'. I asked specific questions, one being when did this take place (no answer) and secondly could they gain access to card details, their answer was "probably not, but the relevant bank will be in touch if they feel there is risk on your card". I cannot help but think this is how i had money stolen from the card, as i literally don't use it anywhere else!

[Dynamoo]

El Reg has another article - Banking data fears over Fasthosts intruder | The Register

Investigators are racing to establish whether banking information was stolen by the intruder who hacked into a server at Gloucester-based web host Fasthosts.

The breach was revealed yesterday. Fasthosts has told customers to change all their passwords, which were not encrypted.

Fasthosts has not revealed whether the attacker gained access to credit card and banking information, either belonging to its customers or customers of the websites it hosts. It said it did not want to risk prejudicing the police inquiry.

Fasthosts added: "Since detecting the intrusion, Fasthosts has and continues to work with the credit card bodies to flag up that a network intrusion has occurred. If there is any risk to customers' payment details, customers will be contacted by their bank or credit card company directly."

Gloucestershire police said this morning that the hack is being investigated by the High Tech Crime Unit. More details are expected to be released as the investigation proceeds, it added.

Visa told The Reg it is aware of the breach and is working with card issuers to investigate whether their customers are affected.

[ian-d]

Gets worse and worse doesn't it. I love the 'your bank will let you know if theres any risk', bit late for me! Am tempted to phone the crimes unit, do you think they will be interested/investigate???