
Report: Indian Cloud Infrastructure Company Leaves Customer Data Exposed

Mark Holden
October 23, 2019

Company: E2E Networks Hosting (formerly Spikecloud)

Severity: High

Type: ElasticSearch Database

Size: 8GB, amounting to 21,682,731 records exposed

Countries Affected: Primarily India

Our security research team at Website Planet has discovered a large database breach on the servers of cloud infrastructure company E2E Networks Hosting. Cybersecurity experts also discovered a ransomware note on the compromised server, located in India; however, it’s not evident whether data is actually missing. Personal data and financial information in the form of invoices have been left exposed, amounting to over 21 million records.

Customer Data Leaked

  • Financial details such as bank account and crypto wallet information
  • Invoices
  • Email addresses
  • Street address
  • Phone numbers
  • Account names
  • Passwords — clear text and hashed 

Impact

Our research team was able to access over 21 million records via the database breach. The potential impact of a breach at this level is substantial, with one of E2E Networks Hosting’s customers being the Indian money-transfer service InstantPay.

The majority of the information contained in the records is Personally-Identifying Information (PII) and passwords — a mixture of clear text and hashed passwords that can be uncovered using a known password table. 

Some financial information has also been exposed, in the form of customer invoices, and while it doesn’t appear that customer credit card details have been exposed, some bank account details have been discovered.

The data exposed in this breach can be taken advantage of in a number of ways:

Account Takeover

In many of the exposed records, email addresses, usernames, and passwords are visible in cleartext, meaning that anyone in possession of this data would be able to log into the customer’s E2E Networks Hosting account and perform any kind of action — such as accessing files, changing account details, and accessing financial and other data about the customer, including any saved credit card details.

E2E Networks Hosting account takeover

Server Takeover

Because E2E Networks is a cloud hosting company, being able to log into a customer’s account means that it’s possible to change website configurations and system configurations via the customer’s servers. The potential damage this can do is extensive — although it does depend on the type of servers and apps that the customer has on their account. It would be possible, for example, to delete nodes, change DNS nameservers, or create a new node.

A popular practice among cybercriminals is exploiting stolen credentials to spin up new servers for mining cryptocurrencies, and having the victim pay for them. This breach allows exactly that: using the customer credentials to create new servers for free, which will generate quick cash for the criminals.

Identity Theft

When PII data is exposed, in addition to company names and billing details, there’s a huge potential for this data to be used maliciously. Anyone in possession of this data would be able to claim to represent the companies and individuals, using the personal data in identity theft scams.

Phishing

When a large number of email addresses and phone numbers are leaked, there is a high risk of phishing attacks. Having details such as customer IDs and financial information can allow for targeted phishing, and increases the likelihood of the victim clicking on links sent to their email addresses.

Privacy Issues

Company information has been left vulnerable in this breach, in addition to invoice details that could lead to financial espionage and blackmail. For example, we identified an account that had been suspended due to non-payment. This information could be used for blackmail or shaming of the company that is in debt.

Prevention

Data leaks of this kind can easily be prevented by implementing stronger security practices, such as encrypting customer data and passwords and running antimalware software. Ironically, E2E Networks Hosting considers itself an expert in cybersecurity, according to a 2017 article published on its website, but it appears to have failed to adequately secure its own servers.
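The password-storage side of this advice, as an added example that is not part of the original report or any E2E Networks code: a Python sketch that stores passwords as salted PBKDF2 hashes (a swapped-in, assumed technique for "protecting passwords") and triages a data store for the cleartext and plain-digest values described above. The record field names, account names, sample values and the `pbkdf2_sha256$...` storage format are constructed for illustration.

```python
import hashlib
import hmac
import os
import re

ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor
DIGEST_HEX_LENGTHS = {32, 40, 64}  # hex lengths of MD5, SHA-1, SHA-256 output


def hash_password(password: str) -> str:
    """Store a per-user random salt and a slow, salted hash, never the password."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        scheme, rounds, salt_hex, dk_hex = stored.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        salt = bytes.fromhex(salt_hex)
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, int(rounds))
        return hmac.compare_digest(dk, bytes.fromhex(dk_hex))
    except ValueError:  # malformed record: wrong field count, bad hex, bad rounds
        return False


def classify(stored: str) -> str:
    """Heuristic triage of a stored password field during a data-store audit."""
    if re.fullmatch(r"pbkdf2_sha256\$\d+\$[0-9a-f]+\$[0-9a-f]+", stored):
        return "salted-kdf"
    if len(stored) in DIGEST_HEX_LENGTHS and re.fullmatch(r"[0-9a-fA-F]+", stored):
        return "unsalted-digest"  # same input always gives the same value
    return "cleartext"


# Constructed records for illustration; not data from the incident.
SAMPLE_RECORDS = [
    {"account": "acct-a", "password": "Summer2019!"},
    {"account": "acct-b", "password": hashlib.sha256(b"letmein").hexdigest()},
    {"account": "acct-c", "password": hash_password("letmein")},
]


def audit(records):
    """Map each account to the storage class of its password field."""
    return {r["account"]: classify(r["password"]) for r in records}
```

Any account that `audit` reports as `cleartext` or `unsalted-digest` should have its password reset and re-stored through `hash_password`; the length-based digest check is a heuristic and can mislabel a password that happens to be a hex string.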

What is Website Planet?

Website Planet is the number one resource for web designers, digital marketers, developers and businesses with an online presence. You’ll find tools and resources for everyone from beginners to experts — and honesty is our top priority.

We have an experienced team of ethical security research experts who uncover and disclose some of the most serious data leaks, as part of a free service for the online community at large. You can read about how we tested five popular web hosts to see how easily hackable they are here.
