konsoleH Database Compromise

Twitter ButtonFacebook Button

On 1 Nov 2017 we became aware of unauthorized access to our konsoleH Control Panel database. We can confirm that a SQL injection vulnerability was identified within konsoleH, which has been corrected.

We shut down access to konsoleH during the course of the day while investigations proceeded .

While konsoleH Admin passwords have not been compromised, we have proactively updated all FTP passwords, which were exposed.

It is imperative that customers update all passwords associated with your Hetzner account immediately, including konsoleH admin passwords.

What information was exposed?

The following details have been exposed:

  • Customer details (name, address, ID number (where applicable), telephone numbers and email addresses)
  • Domain names
  • FTP passwords
  • Bank account details (cheque/savings). No credit card details are stored.

What do you need to do?

Customers should update the following passwords immediately:

  • All database access passwords (Find out how to do this here).  Note, you will need to update your web application database connection strings.
  • While we have updated all FTP passwords, customers will need to reset this password to gain access  (Find out how to do this here)
    • If you have made use of an additional FTP user, please manually update these passwords via konsoleH
  • All email passwords that have not been updated recently. (Find out how to do this here). (Note that this is a proactive step as we have not recorded mailbox passwords for a while).
  • While this password was not compromised, we recommend that konsoleH Control Panel login passwords should also be updated. (Reset your password here)

Should you have provided konsoleH access details to any other parties, please advise them to update their login details as soon as possible. Mailbox users are able to update their passwords via our Webmail interface (webmail.konsoleh.co.za) (Find out how to do this here).

We have external forensic investigators on site working with our team. We understand that this event has shaken your confidence in us. It is our earnest commitment to provide you with a hosting service you can trust.

Update: Frequently Asked Questions