13 Million Passwords Taken in Web Host Data Breach

13 Million Passwords Taken in Web Host Data Breach

October 29, 2015         Written By Natalie Rutledge

The usernames, email addresses and passwords of 13.5 million accounts were stolen from 000webhost, a Lithuanian-based web hosting company.

The company admitted to the breach on its Facebook page.

In the statement, the company said, “We have witnessed a database breach on our main server. A hacker used an exploit in old PHP version of the website gaining access to our systems, exposing more than 13.5 Million of our customers’ personal records. The stolen data includes usernames, passwords, email addresses, IP addresses and names.”

To resolve the issue, 000webhost said, “We are still working 24/7 in order to identify and eliminate all security flaws. Additionally, we are working on upgrading all of our systems… in an effort to protect our users we have temporarily blocked all access to systems affected by this security flaw. We will re-enable access to affected systems after an investigation and once all security issues have been resolved.”

Forbes discovered the breach when an anonymous source contacted Troy Hunt, a cybersecurity professional and owner of the website haveibeenpwned.com, which gives users the ability to see if their email addresses have been compromised in a breach.

While it is unclear how the breach was accomplished, some think 000webhost did not have strong enough security measures.

“I never cease to be amazed at just how badly wrong an organization can get security. It was only this week we learned of the TalkTalk attack having been carried out by a 15-year-old using free tools,” Hunt said in an interview. “Now we’re seeing how 000webhost stored over 13 million passwords in plain text, which is simply unforgivable.”

On its Facebook page, the company promised it is working with law enforcement officials to uncover the source of the breach.

The information contained within this article was accurate as of October 29, 2015. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


About Natalie Rutledge

Natalie Rutledge majored in Communications at Mississippi State University. She was in sales for a number of businesses and spent nine years working as a communications advisor to various entities. Natalie can be contacted directly at natalie@lowcards.com
View all posts by Natalie Rutledge
Featured Limited/No Credit
Top Features : No annual fee; reports to major credit bureaus; access to higher credit line after making first 5 monthly payments on time
Featured Fair Credit Card
Top Features : No annual fee; access to higher credit line after making first 5 monthly payments on time
Featured Low Interest Card
Top Features : 1.25X miles on every purchase; no annual fee; bonus of 20,000 miles once $1,000 is spent in first 3 months
Featured Cash Back Card
Top Features : 1.5% cash back on all purchases; $150 bonus after spending $500 in first 3 months
Featured No Annual Fee Card
Top Features : Earn cash back TWICE. 1% when you buy plus 1% as you pay; 0% APR for 18 months on balance transfers
Featured Bad Credit Card
Top Features : Perfect credit not required; Reports to major credit bureaus