Hetzner, which is based in Midrand in Johannesbur, advised its clients on Wednesday on its website that its konsoleH Database was compromised.
“We can confirm that a SQL injection vulnerability was identified within konsoleH, which has been corrected,” the company said.
“While your konsoleH Admin password has not been compromised, we have proactively updated your FTP password, which was exposed.”
It is imperative that you update all passwords associated with your Hetzner account immediately, including your konsoleH admin password.
The following details have been exposed:
- Customer details (name, address, ID number (if provided), telephone numbers and email addresses)
- Domain names
- FTP passwords, and
- Bank account details (cheque/savings). No credit card details are stored.
“We have external forensic investigators on site working round the clock with our team,” said Hetzner.
“We understand that this event has shaken your confidence in us. It is our earnest commitment to provide you with a hosting service you can trust.”