Hackers have breached the servers of Kagoya, a famous web hosting company in Japan, and made away with credit card information of millions of users. The company has sent an email to its clients, indicating that it has discovered a massive breach of its security. According to the company, the hackers managed to access credit card data of customers who used the service between the months of April and September this year.
It is not clear the amount of data that the hackers managed to cart away and the exact number of clients that were have been affected by the hack. However, reports indicate that up to 49,000 clients may have lost their persona information to the hackers. Also, reports indicate that another 20,000 clients may have lost their credit card information to the hackers.
On one of the popular forums on which clients of Kagoya share their experiences, the mood was one of annoyance and frustration. Clients were expressing shock that the company may have been lax enough to allow hackers steal data from its servers.
From complaints and other reports, it is emerging that the hackers managed to get a lot of personal information of clients. The hackers may have stolen the names, PIN numbers, email addresses and other forms of personal information of the clients of Kagoya during the hacking incident.
Response
In response to the hacking, Kagoya says that it has taken all the necessary measures to protect its clients. The company has also said that it has filed a formal report to the law-enforcement agencies. The company urged its clients and the general public to remain patient as investigations into the crime are taking shape.
But what may come as a surprise to many is the allegation that Kagoya has stored client data in plain-text format. If this is the case, the company may have failed to provide basic security measures to its clients. However, it has not been proven that Kagoya has failed to encrypt the data of its clients.
Vulnerability
The attack in question was of the OS Command Injection type, a sophisticated form of attack in which hackers use the web interface to execute injection attacks on web servers of specific websites. By commanding the servers of Kagoya to carry out specific actions, the attackers were able to access personal information as well as credit card data of thousands of clients of Kagoya. It remains to be seen how Kagoya will manage the current crisis.