Leave a comment

Free website host hacked. 13M at risk

Free website host hacked. 13M at risk
Photo courtesy of Shutterstock

We've said before that every business needs to have a website to do business in the digital world. And it isn't a bad idea for individuals to have websites as well, whether to show off a hobby, an online portfolio of work, or to host a digital resume.

Of course, getting a website usually costs money. While it isn't really a lot anymore for a basic site (usually a few dollars a month), it's still money. So if there's a free version, you know people are going to opt for that.

That's why 000webhost's free Web hosting service has a reported 13 million users worldwide. And, unfortunately, they're all now at risk.

According to 000webhost, back in March hackers found an unpatched flaw on its server and uploaded malicious software that stole the user names, email addresses and passwords for all its users. 000webhost says it cleaned out the malicious programs, updated its software and is requiring its users to change their passwords.

However, the damage is far from done. First, it took 000webhost seven months to spot the breach, meaning hackers have had the user information for a while.

Even worse, security expert Troy Hunt says that the passwords the hackers released online had no encryption, meaning 000webhost didn't even take basic security steps with its customers' information.

If you're a 000webhost user, and you used your password on more than one online account, it's time to change your password on those accounts. Right now, a hacker could just take over your account with no trouble. This is a good reminder to create a unique password for every account.

000webhost isn't out of the woods yet either. Several security teams have reported at least seven similar security flaws on 000webhost's servers, and at least one of them is still not fixed. So, until it ups its security game, you can expect further data breaches in the future.

If you are looking for a Web host, consider a paid service like GoDaddy, SquareSpace or any number of other ones. They'll have better security and in the grand scheme of things don't really cost that much.

Next Story
Source: ZDNet
View Comments ()
Facebook ends annoying notifications
Previous Happening Now

Facebook ends annoying notifications

Facebook intentionally slows WAY down every Tuesday for employees
Next Happening Now

Facebook intentionally slows WAY down every Tuesday for employees