everybody with a site at alfahosting.be should change its passwords NOW

Rex Mundi declared yesterday that he has hacked alfahosting.be a Belgian cheap hoster with around 13.OOO client playing peanuts for hosting (and having penaut security)

as I  have been following this hacker since nearly two years and know what he is capable of I alarmed the follwing services

* cert (they don't have any power to impose a solution and certain actions on alfaphosting) they are only with around 3 persons for the moment, trying to do wonders

* fccu (they are the policeservice for the internet in Belgium but for that you will need that the service that has been hit files a complaint)

* the privacycommission as they have now new powers and could have send inspectors to the scene

it was a very nervous day

and there are monday a lot of questions to be answered by alfahosting.be

http://dpaste.com/hold/1797124/

http://dpaste.com/hold/1797118/

http://dpaste.com/hold/1797112/

http://dpaste.com/hold/1797100/

or you can download them here if they are gone

https://mega.co.nz/#F!Z8F3gCxD!F8vpiwAwHfJybp4AAEcyoA

if you use the same password at other services you should change those also

as the site has been online there is a possibility that there are still vunerabilities and backdoors so there is even afterwards a risk for your users especially if you have financial or personal data from them

you are - as a person or as an organisation - still responsable for that personal and financial data of your customers and users and and you are now faced with the question if you will keep your site online (with all that data for which you are responsble) or close it down and move it elsewhere

another thing you should consider is asking all your customers to change their passwords - just in case because the hacker has all the administrative passwords with full access to all these sites

the last word hasn't been said about this case

The comments are closed.