25 Jan 2018

Security breach incident on January 25

It has come to our knowledge though internal investigations that one of our backup servers holding a copy of our website as well emails was breached on January 25. The server didn’t hold any financial data of our clients.

The server in question contained outdated copies of our production websites as well as backup of our emails. It is highly likely that hackers may have gained access to our email communications with our clients. Most of the email based communication included:

  • Preliminary information sharing of Skype contacts to discuss possible sale of G News domains;

In 99% of the cases no other information was exchanged through emails; however, there have been instances wherein clients had shared with us VPS/CPANEL/Domain registrar credentials to migrate the websites and push the domains; WordPress login information of the sites we have sold; and BTC addresses for payments.

In cases which involved sharing of VPS/CPANEL/Domain registrar credentials, it is generally observed that clients change the credentials soon after the migration is complete and domains are pushed to their accounts. WordPress logins are assumed to have been changed as well because we do not offer any after sales support. If that was the situation in your case, you don’t need to worry as the information would have been outdated.

However, if you haven’t changed the credentials we strongly urge you to do so to avoid any issues. The BTC addresses shared through emails were only for receiving payments and so they do not pose any threat to our clients.

We make is a policy¬† not to share financial information or other personally identifiable information through emails and so 99% of our clients aren’t affected. However, we are trying to contact all our clients to inform them about the security breach and possible implications.

WE STRONGLY URGE YOU TO CHANGE CREDENTIALS OF YOUR VPS/CPANEL/DOMAIN REGISTRAR IMMEDIATELY IN CASE YOU SHARED THEM WITH US THROUGH EMAIL.