German game hosting company ZAP-Hosting has fallen victim to multiple hacking attempts. The company reports this in an email to customers, which can also be read in a blog. In the hacks, customer data was captured and published on the Internet. These include e-mail addresses and user names. Address information may also have been leaked.
ZAP-Hosting writes it has been the target of several "highly targeted attacks" on internal infrastructure services. These attacks took place between March 13 and March 15, 2022. Because of quick action by the team, much of the damage was limited, writes director of ZAP-Hosting Marvin Kluck. However, the company did temporarily shut down parts of the infrastructure as a security measure.
Customer data was captured in the hacks. A database dump from the company's customer portal was probably used. This contains customer data and was published on the Internet. Damage was allegedly attempted through brute force and through this publication, according to ZAP-Hosting.
The stolen dataset is dated Nov. 22, 2021. According to ZAP-Hosting, the cybercriminals did not disclose the dataset until March 13/14. The company says it knew nothing about it before then. The investigation into the data theft is ongoing. ZAP-Hosting has apologized. The company is giving its customers a twenty-euro voucher as compensation.
The leaked email addresses have been added to Have I Been Pwned's database. This shows that it involves more than 60GB of data, and over 746,000 unique email addresses. Have I Been Pwned reports that in addition to email addresses, support chat logs, IP addresses, names, purchases, physical addresses and phone numbers have also been published.
ZAP-Hosting wrote in the email that email addresses and usernames were in the database. If the customer had a chat with customer service, or provided address information, this data could also be online. The company stressed that passwords for the customer portal were included only in encrypted form. However, automatically generated passwords for some subuser accounts can be read recognizably. ZAP-Hosting says it has since reset these passwords, but still advises customers to change their passwords.
The leaked database did not contain credit card or other payment information, according to the hosting company. Nor were any customer products or servers captured.
It is not clear exactly what the cybercriminals wanted to achieve with the hacks. No negotiation or extortion took place, reports ZAP-Hosting. The company says it has been working with white-hat hackers for years to improve security. Soon, ZAP-Hosting will share more information on how such incidents can still happen.
