California-based Staminus Communications Inc., a security firm whose specialty is safeguarding customers from DDoS (distributed denial-of-service) attacks, was ironically the victim of such an attack, which rendered its network inoperable for more than 20 hours.
On Thursday, the company revealed that the attack occurred around 5 a.m. PST. No one has claimed responsibility for the hacking, which interestingly also compromised the account of the Ku Klux Klan.
Around 5am PST today, a rare event cascaded across multiple routers in a system wide event, making our backbone unavailable.
— DDoS Protection (@StaminusComm) 10 March 2016
A couple of hours later, the security firm took to Twitter to confirm that the global services were back online. However, Staminus did not shed light on what caused the outage.
The extent of damage became clear when someone leaked the download links for what were seemingly the company's customers' details, credit card information and sensitive data. The format was entitled "Fuck 'em all."
The security firm's CEO, Matt Mahvi, cleared the air a day later, shedding light on the DDoS hacking, which rendered the service nonfunctional.
"To follow up on our communication from yesterday evening regarding the system outage, we can now confirm the issue was a result of an unauthorized intrusion into our network. As a result of this intrusion, our systems were temporarily taken offline and customer information was exposed. Upon discovering this attack, Staminus took immediate action including launching an investigation into the attack, notifying law enforcement and restoring our systems," noted Mahvi in a statement on Friday, March 11.
Initial examinations have revealed that the compromised data included usernames, payment data, hashed passwords, as well as customer record particulars, including their contact details and names. Staminus, however, disclosed that since it did not gather the tax ID or Social Security numbers of its customers, those were safe.
Mahvi also let on that as the investigation continues, and in a bid to ward off attacks in the near term, the company will continue to put more safeguards into place to strengthen its security. The CEO also advised that even though the users' passwords were protected by a cryptographic hash, customers would be better off changing their passwords as a best practice.
Mahvi also addressed the concerns of Staminus' customers by noting that even though the company had successfully contained the hacking, it was not stopping at that and would continue to take the necessary steps to enhance data security policies, as well as protect its customers' information.
Staminus has assured its customers that the security firm will continue to update them on the progress "as appropriate" as the investigation carries on.
My credit card data may be compromised, what should I do?
Those worried that their credit card data may have been compromised should check their debit card or credit card statements for any potential suspicious activity. In the event you notice any unauthorized activity, immediately alert the bank and report the issue.
How to safeguard against fraudulent activities?
Do not give personal data in response to unsolicited requests that claim to be from your bank or Staminus. The security firm has explained that the email correspondence it sends in regard to the hacking issue will not include any links. Therefore, if a customer receives an email with a link, they should be wary and not click on it.
If you use your Staminus account password elsewhere too, it is also advisable to reset your password on all platforms.