E2E Networks Hosting Infrastructure as a service providing company suffered from data leak. The security research team at Website Planet has discovered a large database of approximately 8GB 21,682,731 records exposed. Also, they have also found a ransomware note on a compromised server, located in India. There is no clear evidence that data is actually missing. E2E Networks Hosting customers being the Indian money-transfer service InstantPay.

Customer Databreach.

  • Bank account and crypto wallet information
  • Account name
  • Email
  • Street address
  • Contact number
  • Password
  • Invoice
  • As per the researcher, the majority of data is in records are personal information and password. The password is also in clear text and hashed passwords that can be uncovered using a known password table. While financial information leak, Customer invoices but credit card details have not appeared. Some bank account details have been discovered.

    Using the data leak, the attacker able to account takeover vulnerability. The information such as username and passwords are stored in plain text. It is also possible to server takeover vulnerability and change the configuration of the website. It would be possible, for example, to delete nodes, change DNS nameservers, or create a new node.

    Follow us
    LinkedIn : Rapidsafeguard
    Twitter : Rapidsafeguard
    Instagram: Rapidsafeguard
    Facebook : Theeasyhack
    YouTube : Rapidsafeguard

    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here