Hosting company hit by hack attack

Customers spammed with offensive e-mails

E-mail hosting company Servers Australia was the victim of a hack attack on Friday which spammed its customers with offensive e-mails by assuming the company's domain name.

A company source said the company is "almost 100 percent sure" the attack exploited a flaw in its Kayako security appliances which allowed the attacker to spam its users.

According to the source, the hacker blindly injected the HTML spam into the support system but was denied access to client information.

Servers Australia manager Jared Hirst reassured the company's customers in an e-mail response, that their personal data was not compromised and warned against following the links provided in the e-mails.

"I am writing to let you know that someone injected spam e-mail into our support system and managed to send it to all of our customers," Hirst said.

"They have not gained access to any e-mail addresses or personal information because they injected the spam into our system.

"I personally apologise for any inconvenience that this has caused and I ask that you do not click on any of the links in those e-mails for security reasons."

While one link pointed to a rival e-mail hosting company, one local IT manager, who preferred to remain anonymous, said the second address would "almost certainly be a phishing site."

Hirst said the company is working with Kayako to resolve the issue.

The vendor was unavailable for comment.

Fortunately, Servers Australia data was not compromised although breaches have increased significantly in the past two years.

The most recent high profile example occurred at The TJX Companies.

The organization's payment system was illegally accessed disclosing details on millions of the company's customers in the US and Europe.

"When it comes right down to it, very few companies have effective controls to monitor internal systems closely and follow the movement of data" on their networks, according to Alex Bakman, CEO of Ecora Software.

"The underlying problem is that companies are treating security as a 'nice to have' as opposed to a 'must have,'" Bakman said.

"TJX is just the tip of the iceberg. I think we are going to see many more" such disclosures, he added. "It's going to get a lot uglier before it gets any better."

More about: Ecora

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/19/avg-anti-virus-free-edition/

AVG Anti-Virus Free Edition

Note: This review covers version 8.5 of the software. This software is now in version 9.0. Antivirus program AVG 8.5 Free offers solid features and ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia