MANILA, Philippines – Web hosting provider and domain registrar Hostinger suffered from a data breach over the weekend, with data from around 14 million users exposed.
In a blog post on Sunday, August 25, Hostinger said it was alerted on Friday, August 23, to access by an unauthorized third party “to our internal system API, one of which had access to hashed passwords and other non-financial data about our customers.”
According to their post, the server “contained an authorization token, which was used to obtain further access and escalate privileges to our system RESTful API Server. This API Server is used to query the details about our clients and their accounts.”
The database contained client usernames, emails, hashed passwords, first names, and IP addresses for about 14 million users.
The company has since restricted the vulnerable system and reset users’ passwords as a security measure. Despite the breach, it added financial data was safe and the websites and data of Hostinger’s clients were not affected. – Rappler.com