Hosting company hit by hack attack

Customers spammed with offensive e-mails

E-mail hosting company Servers Australia was the victim of a hack attack on Friday which spammed its customers with offensive e-mails by assuming the company's domain name.

A company source said the company is "almost 100 percent sure" the attack exploited a flaw in its Kayako security appliances which allowed the attacker to spam its users.

According to the source, the hacker blindly injected the HTML spam into the support system but was denied access to client information.

Servers Australia manager Jared Hirst reassured the company's customers in an e-mail response, that their personal data was not compromised and warned against following the links provided in the e-mails.

"I am writing to let you know that someone injected spam e-mail into our support system and managed to send it to all of our customers," Hirst said.

"They have not gained access to any e-mail addresses or personal information because they injected the spam into our system.

"I personally apologise for any inconvenience that this has caused and I ask that you do not click on any of the links in those e-mails for security reasons."

While one link pointed to a rival e-mail hosting company, one local IT manager, who preferred to remain anonymous, said the second address would "almost certainly be a phishing site."

Hirst said the company is working with Kayako to resolve the issue.

The vendor was unavailable for comment.

Fortunately, Servers Australia data was not compromised although breaches have increased significantly in the past two years.

The most recent high profile example occurred at The TJX Companies.

The organization's payment system was illegally accessed disclosing details on millions of the company's customers in the US and Europe.

"When it comes right down to it, very few companies have effective controls to monitor internal systems closely and follow the movement of data" on their networks, according to Alex Bakman, CEO of Ecora Software.

"The underlying problem is that companies are treating security as a 'nice to have' as opposed to a 'must have,'" Bakman said.

"TJX is just the tip of the iceberg. I think we are going to see many more" such disclosures, he added. "It's going to get a lot uglier before it gets any better."

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Ecora

Show Comments