Leading website hosting provider DreamHost reportedly left around 815 million customer records online under a database without password protection. The database was found by security researcher Jeremiah Fowler who teamed up with Website Planet to reveal the incident last April 16, 2021.
After finding the unsecured database, Forbes states Fowler disclosed the incident to DreamHost, which the latter quickly responded to by taking the database down from the public.
According to TechRadar Pro, the Los Angeles-based company exposed a total data amount of 86.15 gigabytes worth of customer records. In total, the database without password protection was only made available on the internet for 12 hours.
These include both admin and user information from the company’s DreamPress WordPress hosting accounts. Some of the data made vulnerable include the first and last names of customers, email addresses, usernames, roles, IP addresses and timestamps, as well as the login location of individuals, reveals TechRadar Pro.
The records leaked on the internet spanned three years of DreamPress customer and user data, starting from 3/24/2018 to 4/16/2021, reports Fowler through Website Planet. DreamHost said that a total of 21 websites have been affected.
In a statement, DreamHost acknowledged the incident saying, “A logging database had been used for storing test data related to feature development. This database was not properly configured for authentication. A firewall configuration issue temporarily made this database accessible outside of our network.”
The Los Angeles-based web hosting provider also maintained that although the figures pertaining to the data leak were correct, they ensured the public and their customers there were no Personally Identifiable Information (PII) compromised.
A spokesperson of DreamHost also said that the database was only “available for approximately 12 hours before being removed. During this time we believe this database was accessed by a single internet user – a security researcher who had been scanning our IP space. He alerted us to the finding as we were already in the process of taking it down.”
Following the incident, the web hosting company has removed the testing data on the internet and have since reached out to the owners of the 21 websites who were affected by the data leak, notes TechRadar Pro.
Following the exposure of personal details, Fowler told Forbes that the incident could lead to individuals being attacked by malicious threat actors through phishing attacks or ransomware attacks. They could be subjected to domain theft, said the security researcher.