Staminus, a global Web security company specializing in protecting against distributed denial of service (DDoS) attacks, has reportedly fallen victim to a massive hack. According to a report by investigative journalist Brian Krebs, the company’s entire network was knocked offline for more than 20 hours until Thursday evening. On Friday afternoon, the Newport Beach, California-based firm released a statement from its CEO Matt Mahvi, addressing the “rare event” it had previously announced on its social media pages.
Around 5am PST today, a rare event cascaded across multiple routers in a system wide event, making our backbone unavailable.
— DDoS Protection (@StaminusComm) March 10, 2016
“To follow up on our communication from yesterday evening regarding the system outage, we can now confirm the issue was a result of an unauthorized intrusion into our network,” Mahvi said.
“As a result of this intrusion, our systems were temporarily taken offline and customer information was exposed. Upon discovering this attack, Staminus took immediate action including launching an investigation into the attack, notifying law enforcement and restoring our systems,” read the statement.
Based on the company’s initial investigation, the firm believes usernames, hashed passwords, customer record information, including name and contact details, as well as payment card data were exposed. Meanwhile, Krebs reported “a huge trove of data” was dumped online Thursday in the format of a “classic ‘hacker e-zine’,” which included download links to databases allegedly stolen from Staminus and Intreppid – one of its services.
Source: KrebsonSecurity.com
“The authors of this particular e-zine indicated that they seized control over most or all of Staminus’s Internet routers and reset the devices to their factory settings,” wrote Krebs. “They also accuse Staminus of ‘using one root password for all the boxes,’ and of storing customer credit card data in plain text, which is a violation of payment card industry standards,” he said.
However, the company noted that as its investigation continues, it has put, and will continue to put, additional measures in place to harden its security and help prevent a future attack. Staminus’ services have since been restored, and the company strongly encourages customers to change their passwords.
“I fully recognize that our customers put their trust in Staminus and, while we believe that the issue has been contained, we are continuing to take the appropriate steps needed to safeguard our clients’ information and enhance our data security policies,” said Mahvi.