After 000webhost hack: 13 million user data in circulation

(Picture: AP, Nicolas Low / icon)

13 million records by users of the Web hosting company 000webhost leaked onto the Internet. In addition to e-mail addresses are to be found in plain text and passwords.

Unknown hackers have published a database of a Reseller 000webhost with 13 million users entries. This information to the security researcher Troy Hunt has been leaked, which operates the website Have I Been Pwned. Those in charge of 000webhost confirm the incident.

The unknown contact insured against Hunt that the slump is said to have taken place in the computer system of the web hosting company already about five months.

Passwords in plain text 000webhost

According to Hunt found in the leaked data in addition to the email addresses of users and their first and last name, also the passwords in plain text are visible. He has further discovered evidence that other Web hosters who work with 000webhost could be affected by the online slump.

explain the operators of 000webhost that the attackers have gained about an exploit for an old version of PHP access to the computer system. Then copied the hacker user data. Claims to the Web hosting has changed all the passwords and optimized encryption. Users should immediately change their password, advises 000webhost.

Hunt has studied the website and web hosting company also and found that the members will be called unencrypted HTTP. In addition, the log-in data is to be woven, including password in the URL. (of)