New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I linked the source. As mentioned I didn’t say that their customer db was hosted on their shared environment, but rather that the db relating to their shared environment was breached.
This breach comes after Hetzner’s statement about the 70million record breach of South African citizens’ information, which was stored on a Hetzner server, not being Hetzner’s doings claiming that their services are securd... I guess someone took that as a challenge.
@mikewazar I can't see where it states that their shared hosting databases were compromised anywhere in that statement.
Partially same owners ultimately. So absolutely not relevant outside of a legal perspective - Hetzner DE is not liable, but it is for all that matters the same company.
Pls get correct information.
Hetzner ZA is to Hetzner DE what OVH telecom is to OVH SARL. Not same entity, not entirely same owner set, but same key people.
Using the same backend I would imagine.
Possibly, potentially replicated and separated since the EU Customer Data couldn’t be easily hosted outside of EU for compliance
I totally agree. Thinking about a connection of the databases or even servers those data is stored on makes me shudder...
as said above from the looks of it the german konsoleh is a newer version, so maybe the ZA entity was quite behind with updating/patching whatever. most likely they even need to pay for it.
To answer your questions, the companies operate as separate legal entities: Hetzner (Pty) Ltd in South Africa and Hetzner Online GmbH in Germany.
Therefore, Hetzner (Pty) in South Africa has no access to any Hetzner Online GmbH customer information, and we at Hetzner Online are unaffected by the vulnerability.
Yes, both companies have interfaces that are called konsoleH, but we have been developing our versions separately. In addition, we at Hetzner Online do not store sensitive customer data, such as passwords and banking details, in plaintext form. Any additional questions you may have about this vulnerability are best directed at Hetzner (Pty) Ltd:
https://hetzner.co.za/news/konsoleh-database-compromise/
https://hetzner.co.za/news/konsoleh-database-compromise-faq/
--Katie, Marketing Hetzner Online (Germany)