Company: E2E Networks Hosting (formerly Spikecloud)
Severity: High
Type: ElasticSearch Database
Size: 8GB, amounting to 21,682,731 records exposed
Countries Affected: Primarily India
Our security research team at Website Planet has discovered a large database breach on the servers of cloud infrastructure company E2E Networks Hosting. Cybersecurity experts also discovered a ransomware note on the compromised server, located in India; however, it's not evident whether data is actually missing. Personal data and financial information in the form of invoices have been left exposed, amounting to over 21 million records.
Customer Data Leaked
Financial details such as bank account and crypto wallet information
Invoices
Email addresses
Street address
Phone numbers
Account names
Passwords — clear text and hashed
Impact
Our research team was able to access over 21 million records via the database breach. The potential impact of this level of breach is substantial, with one of E2E Networks Hosting's customers being the Indian money-transfer service InstantPay.
The majority of the information contained in the records is Personally-Identifying Information (PII) and passwords — a mixture of clear text and hashed passwords that can be uncovered using a known password table. Some financial information has also been exposed, in the form of customer invoices, and while it doesn't appear that customer credit card details have been exposed, some bank account details have been discovered.
The data exposed in this breach can be taken advantage of in a number of ways:
Account Takeover
In many of the exposed records, email addresses, usernames, and passwords are visible in cleartext, meaning that anyone in possession of this data would be able to log into the customer’s E2E Networks Hosting account and perform any kind of action — such as accessing files, changing account details, and accessing financial and other data about the customer, including any saved credit card details.
Server Takeover
Because E2E Networks is a cloud hosting company, being able to log into a customer’s account means that it’s possible to change website configurations and system configurations via the customer’s servers. The potential damage this can do is extensive — although it does depend on the type of servers and apps that the customer has on their account. It would be possible, for example, to delete nodes, change DNS nameservers, or create a new node.
A coveted practice among cybercriminals is exploiting stolen credentials to spin up new servers for mining cryptocurrencies, and having the victim pay for them. This breach allows exactly that – using the customer credentials to create new servers for free, which will generate quick cash for the criminals.
Identity Theft
When PII data is exposed, in addition to company names and billing details, there’s a huge potential for this data to be used maliciously. Anyone in possession of this data would be able to claim to represent the companies and individuals, using the personal data in identity theft scams.
Phishing
When a large number of email addresses and phone numbers are leaked, there is a high risk of phishing attacks. Having details such as customer IDs and financial information can allow for targeted phishing, and increases the likelihood of the victim clicking on links sent to their email addresses.
Privacy Issues
Company information has been left vulnerable in this breach, in addition to invoice details that could lead to financial espionage and blackmail. For example, we identified an account that had been suspended due to non-payment. This information could be used for blackmail or shaming of the company that is in debt.
Prevention
Data leaks of this kind can easily be prevented with the implementation of stronger security practices such as encryption of customer data and passwords and antimalware software. Ironically, E2E Networks Hosting considers itself an expert in cybersecurity, according to a 2017 article published on its website, but it appears to have failed to adequately secure its own servers.
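The following is an added example, not code from Website Planet or E2E Networks. It contrasts the two password storage forms described above: an unsalted fast hash that a known password table resolves instantly, and a per-user salted scrypt record that such a table cannot match. The SHA-256 choice, the scrypt parameters, the record format and the sample passwords are assumptions made for illustration; the page does not say which hash the exposed records used.

```python
import hashlib
import hmac
import secrets

# Constructed sample data (not taken from the exposed records).
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein"]
MAXMEM = 64 * 1024 * 1024  # upper bound on memory scrypt may use


def unsalted_digest(password: str) -> str:
    """Weak storage: fast, unsalted hash (SHA-256 assumed for illustration)."""
    return hashlib.sha256(password.encode()).hexdigest()


# A "known password table": digest -> password, built once, reusable on any dump.
LOOKUP_TABLE = {unsalted_digest(p): p for p in COMMON_PASSWORDS}


def table_lookup(stored: str):
    """Return the password if the stored value appears in the table, else None."""
    return LOOKUP_TABLE.get(stored)


def hash_password(password: str) -> str:
    """Hardened storage: random per-user salt plus memory-hard scrypt."""
    salt = secrets.token_bytes(16)
    key = hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1,
                         maxmem=MAXMEM, dklen=32)
    return f"scrypt$16384$8$1${salt.hex()}${key.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute with the stored salt and parameters; compare in constant time."""
    try:
        scheme, n, r, p, salt_hex, key_hex = record.split("$")
        if scheme != "scrypt":
            return False
        expected = bytes.fromhex(key_hex)
        key = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt_hex),
                             n=int(n), r=int(r), p=int(p),
                             maxmem=MAXMEM, dklen=len(expected))
    except ValueError:
        # Malformed record or invalid parameters: treat as a failed login.
        return False
    return hmac.compare_digest(key, expected)
```

Because every record carries its own random salt, two users with the same password get different stored values, so a table computed in advance matches none of them.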
What is Website Planet?
Website Planet holds the top position as the go-to resource for web designers, digital marketers, developers, and businesses operating online. We provide a comprehensive range of tools and resources catering to individuals ranging from novices to professionals. Rest assured, maintaining transparency remains our foremost commitment.
We have an experienced team of ethical security research experts who uncover and disclose some of the most serious data leaks, as part of a free service for the online community at large. You can read about how we tested five popular web hosts to see how easily hackable they are here.