New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Hetzner (South Africa) - security incident
AlexBarakov
Patron Provider, Veteran
in General
Just received this via an email, don't think it is in any way related to Hetzner DE:
Good day,
Security incident - here’s what you need to know
As a previous Hetzner customer with an inactive account, we’d like to inform you of a security incident involving your Hetzner account information.
If you would prefer that we remove your personal data from our system, please respond to this email.
What you need to know:
Over the past year, we have significantly increased our measures to harden our systems against possible attack. This includes regular penetration testing and a comprehensive audit by independent cyber security specialists, with a dedicated team always working to strengthen our systems and the security of your data.
On Friday, 5 October, our technical team uncovered suspicious activity on our database. We acted swiftly, working around the clock, to patch the vulnerability from further coordinated attacks.
Data that may have been exposed:
Name and email address
Phone number(s)
Address details
Debit Order bank account details such as your bank account number.
Identity number
VAT number
Data that was NOT exposed:
Credit card details - this information is not stored on any of our systems
Passwords and login credentials
Website and email content
What you should do:
There is no action to be taken on your side. However as always, we do recommend that you remain extremely vigilant to avoid phishing scams.
Comments
...again
@Hetzner_OL
The end is clearly nigh.
Why? There is nothing that @Hetzner_OL could say about it. These are 2 different companies.
https://en.wikipedia.org/wiki/Hetzner_South_Africa
Okay then, @Hetzner_South_Africa
Surely take this statement with a grain of salt. They suffered a data breach (almost exactly a year ago) that exposed the same information (client's personal details, bank acct numbers, etc.).
On the plus side - at least it doesn't appear that the plain text FTP and DB logins were exposed this time.
It is to be noted that this is not the same company as hetzner.com
I have explicitly noted this in the title and the first line of the post.
So "Hetzner" means something?
It's the last name of the founder, but Hetzner GmbH and Hetzner SA (South Africa) are two completely different business entities and don't share infrastructure, client databases, etc.
There was something like this already a few years back iirc ?
The founder of both companies is Martin Hetzner.
Hi there, As some of you have already written, we at Hetzner Online are working independently from Hetzner in South Africa. We are partner and family connected, but do not share client information or databases. Furthermore, we develop and program our systems and products completely separately in Germany. That means we at Hetzner Online are NOT affected by the security incident. If you have questions about this, please see https://hetzner.co.za/contact-us/