HostHatch Was Not Breached

STAFF EDIT: HostHatch were NOT breached, please read the provider’s reply here.

I wonder if you can tell me which one is an easter egg here and why? Hint: plaintext

1 Like

Heh? Could be the alcohol talking but I have no clue what you’re after :confused:

Just curious if people know the hosts they’re actually recommending. :slight_smile:

Yeah I have at least one year of service with all of them as I’ve indicated in my post :wink:

One of these hosts leaked passwords in plaintext before. Hmm-hmm.

Heh I didn’t know that. Which one?

I shouldn’t reveal it so you make some actual research about the hosts you use. :wink:
Anyways, I’ll send you a PM.

@Theseus thanks for that - a quick check shows one with a November 2016 breach. I haven’t gone through the entire list yet - just wondering if that provider notified affected parties as one would expect (I signed on with them more recently so would have missed that).

Will definitely take some time to take a closer look when I get a chance later!

Well to be fair, I did a quick research but must have missed that one. I’ve removed the provider from my post :slightly_smiling_face:

They stored passwords in plaintext for at least 4 years since the first detection.

Hosthatch.com Dedicated server provider Not only do Hosthatch tell you what password you set when you signup (front), but they even keep a copy of your server

Edit 2: plaintext offenders: Plain Text Offenders

Edit 2-2: and you’ve found keeper docs I guess, they hunt for stolen passwords on darknet.

1 Like

Well, Plaintext is good, besides, a email with a username + password does not proof that they store that in plain. Could be just generated.

They had a breach back in 2016. Don’t. Store. Passwords. In. Plaintext.

It could be that the support person went into the email history and extracted the pass from there. Not exactly “stored in a database field” as far as plaintext goes, but still very very shitty.

I’m inclined to agree with regard to not storing passwords in plaintext …

but am not seeing much confirmation that there was in fact a breach.

I’m wondering if anyone was (or was not) notified by this provider, as that would seem to be a required response on their part under the circumstances.

Well, sarcasm.

1 Like

My sarcasm detector keeps having outages… I’ll move it to another host.

I can see this featured on several lists, but for some reason it doesn’t seem to be advertised too much. I won’t even ask what and why happened, I see the issue with plaintext is/was real so I’ll move on.

Edit 2: I’m not gonna play detective anymore, so the story ends here for me.

2 Likes

I saw it mentioned on two sites - apparently referencing the same data - are there any more?

There is one site in particular where I would expect to see it if there actually had been a breach - but there is in fact no mention of it on https://haveibeenpwned.com/ so … I’m left to speculate what actually happened in this case.

The supposed breach would have been less than 3 years ago.

Are there any customers here who had their accounts compromised?

I can see two different numbers, both around ~20000 (±500)-ish range iirc. The other sites who mention it are most likely just a collection of websites that were compromised. If it was 2 years ago I would gladly go on an adventure starting from asking Abdullah and then keeper, and the rest if I wouldn’t get any result that satisfies me.

I wish we could confirm this, if anyone had a service with them before the breach, feel free to use keeper’s tool to check if his data was compromised. But again, we can’t be sure if it was just a part or full database, etc. etc., I don’t want to dig too deep in this anymore.

1 Like

why not?

Trying to keep this HostBalls friendly. Back in the days this happened:

“I will be honest, I became a bit afraid when I saw ColoCrossing’s expected revenue. It’s not worth playing detective for me.”

2 Likes