DDoS Protection Provider gets Hacked
Staminus Communications, a DDoS (Distributed Denial of Service) protection service provider, was hacked in a major security breach this morning. Staminus earlier posted on their official social media account that they've brought their entire network offline without specifying the cause. However, a number of online forum users mentioned that the downtime was apparently caused by a data breach.
The leaked information is now public, with 15GB of data dumped on TOR. During the outage, an anonymous user posted online download links to files that appear to include the company's customer credentials, credit card numbers, support tickets, and other sensitive data.
DDoS attacks have reached an all-time high in 2015, with the biggest DDoS attack recorded in the last quarter. The attack lasted over thirteen hours at 240Gbps—significant because attacks typically last about one to two hours. According to Akamai reports, the software and gaming industries accounted for more than 75 percent of all the documented DDoS attacks. In just one year, gaming companies saw their share of the total surge from 35 to 50 percent. As DDoS attacks escalate in size and impact, it is becoming a growing security problem for public and private sector organizations—and is now being used not only as a hacktivism tool, but for extortion purposes as well.
As of late, Staminus has not provided any additional details about what may have caused the leak, nor did it acknowledge the intrusion. We continue to monitor this incident and will provide further updates. Meanwhile, if you use Staminus, change your Staminus-related passwords and monitor credit card activity for possible fraud.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: Trigona
- Steering Clear of Security Blind Spots: What SOCs Need to Know
- Understanding the Kubernetes Security Triad: Image Scanning, Admission Controllers, and Runtime Security
- Preempting Threats to Connected Cars: The Importance of Cybersecurity in a Data-Driven Automotive Ecosystem
- Your Stolen Data for Sale