Hostinger said it has reset customer passwords as a “precautionary measure” after it detected unauthorized access to a database containing data on millions of its customers.
The breach is said to have happened on Thursday. The company said it received an alert that one of its servers was improperly accessed. Using an access token found on the server, which can give access to systems without needing a username or a password, the hacker gained further access to the company’s systems, including an API database containing customer usernames, email addresses, and scrambled passwords. Hostinger the API database had about 14 million customers records. The company has more than 29 million customers on its books. “We have restricted the vulnerable system, and such access is no longer available,” said Daugirdas Jankus, Hostinger’s chief marketing officer, in a blog post. “We are in contact with the respective authorities,” said Jankus.![hostinger hostinger](https://i0.wp.com/techcrunch.com/wp-content/uploads/2019/08/hostinger.jpg?resize=900%2C991&ssl=1)
An email from Hostinger explaining the data breach. (Image: supplied)
- MoviePass exposed thousands of unencrypted customer card numbers
- StockX was hacked, exposing millions of customers’ data
- Slack resets user passwords after 2015 data breach
- Capital One breach also hit other major companies, say researchers
- An exposed password let a hacker access internal Comodo files
- Security lapse exposed weak points on Honda’s internal network