Hey there; okay so further to admin response detailing that Infinitifree suffered outages due to domain breach, which has now been somewhat resolved - ive just had an email from Hostinger (a hosting platform ive used before moving to this one, and also partners with Infiniti) detailing that their service has also had a data breach and reset my password for security protection - see screenshot,
Now im not too sure if this is only happening to myself or legitimate attempts to take down hosting services, but i thought it be worth sharing; I find it very strange as im actually starting a Uni course on cyber security in september, and goals for a career in this area??
I’m not sure what you are talking about regarding a “breach” on a domain. The issue with the epizy.com was caused by either a technical error or a human error (or both) at either NameSilo or VeriSign (ob both) which caused the domain to be misconfigured. There was no security issue and no data breach. There was no data leak or unauthorized access to anything as far as I know.
Also, it’s not just your account was compromised. I got many emails from Hostinger from many of their different brands regarding data breaches. If you just search the web for “hostinger data breach”, you’ll find many IT news outlets having posted articles in the last few days about this, and 14 million accounts being affected.
Ironically, the 000webhost breach revealed that they stored all passwords in plain text (which any IT student should be able to tell is a huge no-no). The Hostinger passwords were not stored in plain text but with SHA-1, which is not quite as bad (depending on the implementation), but still far from best practice.
For the record, InfinityFree client area passwords are hashed with bcrypt and hosting account passwords are encrypted with AES-256.
