A company focused on protecting others from distributed denial of service (DDoS) attacks suffered from a breach.
Protection provider Staminus suffered a breach last week when attackers made off with sensitive information from its database and published it online.
Intel Fixes McAfee Bug
PAN-OS Vulnerabilities Addressed
Security Support Tool Patched
HPS, PAN Team in Security Offering
After the attack, the Staminus network was down for several hours, while hackers pulled a large amount of customer data. As it turns out, more than 15GB of data published online following the attack, with download links for customer login credentials, support tickets, server log data, chat logs, and credit card numbers.
A Hastebin link posted online included information on what data the attackers managed to access, revealing Staminus’ entire database might have suffered compromise, along with the database of the Intreppid service (which provides customers with dedicated virtual private servers that have DDoS protection features built-in).
What’s more, the hackers discovered the security firm was providing service to the white supremacist group Ku Kluk Klan (KKK) and its affiliates, and revealed sensitive information pertaining to this Staminus client as well, according to a published report. The company hasn’t provided details on the incident, nor has it confirmed the data breach.
According to the hackers, the security firm made some critical mistakes when it came to securing its data, such as using one root password for all the boxes. Moreover, the attackers also said Staminus was storing full credit card info in plaintext it didn’t patch, upgrade or audit the stack in due time.
For the time being, the only details available on the breach comes from the Hastebin link posted by Staminus’ attackers, which suggest they had access to the entire “Staminus & co infrastructure.”
Staminus suffered the breach Thursday, when the company revealed the attack on Twitter.
On Friday morning, the company said the incident “cascaded across multiple routers” making the backbone unavailable, but the company was able to restore its service by the end of the day.
Staminus Chief Executive Matt Mahvi posted a statement on the company website on Friday, though the site was offline for days following, and the company’s Twitter account remained silent since Friday.
Until the company manages to fully restore its website, customers are advised to cancel their credit cards or choose a credit card monitoring service. Once the Staminus service is restored, they should also consider changing all of their account passwords.