A notification posted by British web hosting company eUKhost in the announcements section of its site on April 28 alerted customers of a data breach that targeted the firm’s billing systems.
“In the past 24 hours we have been made aware that there has been a compromise of our billing system. Although the method of the compromise remains unclear, we can confirm that an administrator level login was compromised and an IP address added to an allow list to allow a successful login,” Managing Director John Strong wrote.
“We have not noticed an increase in compromised accounts of clients and our initial research does seem to suggest the perpetrator wasn’t out to cause damage to our customers, but until we better understand the nature of this problem, we can not take anything for granted.”
As a result of the incident, the organization moved its billing system to another, more secure, server.
Strong told The Register that their investigation led them to believe that the UrduHack Pakistani hacker collective was behind the breach. Apparently the hackers managed to gain access to their systems because of an outdated piece of software.
Fortunately, the data obtained by the hackers doesn’t seem to have ended up online and the initial analysis made by the company shows that no credit card information is at risk.
UrduHack is responsible for a number of data breaches, but judging by their past operations they don’t seem the type of crew that want to cause harm.
Their YouTube video channel shows that in the past they managed to find flaws in Facebook, Yahoo India, and the Indian Police’s cybercrime department.
Around three weeks ago, they published a video in which they demonstrated how they managed to gain access to the systems of Galcomm, an Israeli web hosting company.