Possible Data Leak - HostDoc

Just received this email from Doc

Over the last few months, our client area has been experiencing odd caching issues which proved to be a problem to pinpoint.

Numerous fixes have been implemented with the assistance of WHMCS staff, however, none seemed to persist.
These fixes were not merely a cache flush and call it a day.

Upon an extended debug, it was found that the culprit for our sessions corruption and data leak was a tawk.to module.

Tawk.to was not only loaded as a module in our WHMCS installation, but was further added as code to the footer.tpl file when a new template was implemented.
This created two tawk.to profiles attempting to load on the installation simultaneously. It may have been noticed if you ever visited our client area and got a green chat icon rather than a blue one.
The module, which served the green chat box, was the cause of the caching and session corruptions and has now been permanently removed from the client area.

I would like to use this opportunity to notify all clients that access to their account or VPS was impossible.
Upon replication, data found to be leaked were:

  • Services rendered
  • Ticket status and heading
  • email address
  • Name and address

No alteration to account details would have been possible. There has been no breach to our servers nor are client accounts accessible.
It was also observed that the leak only took place under 2 conditions while the module tried to load:

  • Client was still logged in
  • Client did not log out

Till this day, not one of our clients have received spam as a consequence of signing up with HostDoc. We do not sell client details or disclose them to third parties.

It is unfortunate that this issue was so problematic pinpointing and addressing. I would like to thank clients who have been patient with us while we have tried to locate and rectify the root cause and apologise for any data that may have got out.
HostDoc is far from a scam operation and has jumped through hurdles to prove this over the last few years. One thing you can be sure of is that despite the time a resolution has taken to be found, security has always and will continue to remain one of our top priorities.
A further statement will be released in a few months once we have been able to monitor the client area adequately and be sure there are no further instances of this occurring.

As of now, we cannot replicate the data leak.
There has been a dramatic increase in traffic to our client area over the last few days with no sign of the issue reoccurring despite deliberate attempts to recreate.

Once again, please accept our sincerest apology for any and all data leaked during this time. It is not what you (our clients) would expect and it is far from the level of service we aim to deliver.

Kind regards
HostDoc Hosting Team.


Comments

  • AlwaysSkintAlwaysSkint Member
    edited January 2020

    WebGuru said: email address
    Name and address

    Crucial information.

    WebGuru said: Till this day, not one of our clients have received spam as a consequence of signing up with HostDoc.

    Proof?

    Thanked by 1dahartigan

    Long live LowEndInfo.com

  • LESLES Member

    These guys have deleted my account for no reason... so i'm happy. My guess that they are a terrible provider has been confirmed.

    VPS List ★ LowEndStock.com ★ | → Follow @ Twitter | → Best (limited) VPS Deals

  • HostMediaHostMedia Member, Provider

    Names and addresses are more than enough to breach GDPR - good they emailed their customers but I don't think this line is very good "Till this day, not one of our clients have received spam as a consequence of signing up with HostDoc." presuming isn't a good idea when it comes to people's personal data - it isn't just spam, someone can use those details to start fraudulent activities.

    Fingers crossed it was a minor issue and no data was leaked.

  • RhysRhys Member, Provider
    edited January 2020

    HostMedia said: it isn't just spam, someone can use those details to start fraudulent activities.

    Deeply concerning how downplayed this is in the email.

    @HostDoc have you reported this to the ICO as a data breach? There's no mention of it in the email sent.

    Thanked by 2dahartigan limited
  • AlwaysSkintAlwaysSkint Member
    edited January 2020

    HostMedia said: Names and addresses are more than enough to breach GDPR

    This. Trying to brush it under the carpet isn't an option and hasn't been given the seriousness that it deserves.

    In this digital world, I try to sign up with only partial address details - not false information, just incomplete (though the postie knows where to find me). It's only the more draconian providers that get 'shirty' over this.

    Thanked by 1dahartigan

    Long live LowEndInfo.com

  • Might want to pop over to the other site to see accusations of "motivations" for de-listing HostDoc because of this. Surely my "motivations" will bear any fruit if he ran a proper ship.

    Anyway, don't believe my "motivations". See all the forum posts for yourselves.

    I hope he properly deletes customer data. If he doesn't, you are not safe even with termination.

    Thanked by 2dahartigan HostMedia

    Deals and Reviews: LowEndBoxes Review | Avoid dodgy providers with The LEBRE Whitelist | Free hosting (with conditions): Evolution-Host, NanoKVM, FreeMach, ServedEZ | Get expert copyediting and copywriting help at The Write Flow

  • dahartigandahartigan Member without signature

    @WebGuru said:
    Tawk.to was not only loaded as a module in our WHMCS installation, but was further added as code to the footer.tpl file when a new template was implemented.

    How/why?

    This created two tawk.to profiles attempting to load on the installation simultaneously. It may have been noticed if you ever visited our client area and got a green chat icon rather than a blue one.
    The module, which served the green chat box, was the cause of the caching and session corruptions and has now been permanently removed from the client area.

    So two instances of tawk was the culprit?

    I would like to use this opportunity to notify all clients that access to their account or VPS was impossible.

    What a relief...

    Upon replication, data found to be leaked were:

    • Services rendered
    • Ticket status and heading
    • email address
    • Name and address

    WTF that's worse than access to my VPS!

    Till this day, not one of our clients have received spam as a consequence of signing up with HostDoc.

    You say that with confidence, but do you actually know that? How?

    We do not sell client details or disclose them to third parties.

    Perhaps not intentionally, but technically it's happening.

    A further statement will be released in a few months once we have been able to monitor the client area adequately and be sure there are no further instances of this occurring.

    That's not really comforting, the intermittent issue is fixed but it's probably going to come back?

  • HostMediaHostMedia Member, Provider

    @Rhys said: @HostDoc have you reported this to the ICO as a data breach? There's no mention of it in the email sent.

    I would doubt that they have based on the email - if they contacted the ICO they would have been pushing out a lot more details of the breach to customers and they would have (I hope they did this) shut down (or IP locked) their WHMCS instance straight away when the issue was reported/found.

  • RossGRossG Member, Provider

    @WebGuru said:
    The module, which served the green chat box, was the cause of the caching

    It sounds strange that the tawk.to module could be causing customer data to be cached.

    https://github.com/tawk/tawk-whmcs/blob/master/modules/addons/tawkto/hooks.php

    The code is all open source and I can’t see anything there which could cause something to be cached or modify a session.

    I hope this hasn’t been used as a “get out of jail” for a more serious issue, but it does seem like a bit of a stretch to blame this all on tawk.

  • RossG said: The code is all open source and I can’t see anything there which could cause something to be cached or modify a session.

    You need to consider caching at other levels of the software stack.

    Thanked by 1yoursunny

    Long live LowEndInfo.com

  • @AlwaysSkint said:

    RossG said: The code is all open source and I can’t see anything there which could cause something to be cached or modify a session.

    You need to consider caching at other levels of the software stack.

    Yes, but I think what he is saying is that he doesn't believe HostDoc identified the problem correctly.


  • MikePTMikePT Member, Provider

    @RossG said:

    @WebGuru said:
    The module, which served the green chat box, was the cause of the caching

    It sounds strange that the tawk.to module could be causing customer data to be cached.

    https://github.com/tawk/tawk-whmcs/blob/master/modules/addons/tawkto/hooks.php

    The code is all open source and I can’t see anything there which could cause something to be cached or modify a session.

    I hope this hasn’t been used as a “get out of jail” for a more serious issue, but it does seem like a bit of a stretch to blame this all on tawk.

    I second this.
    I just don't see how it'd be possible to happen.

  • @dahartigan said:

    Upon replication, data found to be leaked were:

    • Services rendered
    • Ticket status and heading
    • email address
    • Name and address

    WTF that's worse than access to my VPS!

    That's true, if considering that the VPS is just a member of the Idle Family.

    DP | Domain Names for Sale: vm*.net / virt*.com / *gigabit.net / *vpn.net


  • @MikePT said:

    @RossG said:

    @WebGuru said:
    The module, which served the green chat box, was the cause of the caching

    It sounds strange that the tawk.to module could be causing customer data to be cached.

    https://github.com/tawk/tawk-whmcs/blob/master/modules/addons/tawkto/hooks.php

    The code is all open source and I can’t see anything there which could cause something to be cached or modify a session.

    I hope this hasn’t been used as a “get out of jail” for a more serious issue, but it does seem like a bit of a stretch to blame this all on tawk.

    I second this.
    I just don't see how it'd be possible to happen.

    Also, technically, in most cases (not all), knowing the cause should somewhat make it possible to replicate the issue, but in this case it seems like replicating was not possible?

    Thanked by 2MikePT yoursunny



  • @RossG said:

    @WebGuru said:
    The module, which served the green chat box, was the cause of the caching

    It sounds strange that the tawk.to module could be causing customer data to be cached.

    https://github.com/tawk/tawk-whmcs/blob/master/modules/addons/tawkto/hooks.php

    The code is all open source and I can’t see anything there which could cause something to be cached or modify a session.

    I hope this hasn’t been used as a “get out of jail” for a more serious issue, but it does seem like a bit of a stretch to blame this all on tawk.

    No, it is not.
    I am not blaming it on tawk.to. It was our configuration of tawk.to that caused it but the module was caching the data.

    The module itself had one profile which loaded a green chat bar. The footer.tpl had the code of another profile which loaded a blue chat bar.

    @Rhys said:

    HostMedia said: it isn't just spam, someone can use those details to start fraudulent activities.

    Deeply concerning how downplayed this is in the email.

    @HostDoc have you reported this to the ICO as a data breach? There's no mention of it in the email sent.

    No, not yet.
    As is evident, the cause was not immediately known. As much as it seems the root cause has now been identified, I am still worried and would like to monitor a while longer before details are submitted.


    The client area has been taken down numerous times for us to carry out work regarding this matter. It was never just left operational while knowing it was leaking.

    As much as many might not like the brand or my responses to threads/toxic comments/tickets, one thing I have always strived to provide is a decent service at the price point.

  • RhysRhys Member, Provider
    edited January 2020

    @HostDoc said:

    No, not yet.
    As is evident, the cause was not immediately known. As much as it seems the root cause has now been identified, I am still worried and would like to monitor a while longer before details are submitted.


    The client area has been taken down numerous times for us to carry out work regarding this matter. It was never just left operational while knowing it was leaking.

    As much as many might not like the brand or my responses to threads/toxic comments/tickets, one thing I have always strived to provide is a decent service at the price point.

    So you've known about it for quite some time, and also known that data was leaking during that time yet have failed to report it within the required time defined by the GDPR?

    "At a glance
    The GDPR introduces a duty on all organisations to report certain types of personal data breach to the relevant supervisory authority. You must do this within 72 hours of becoming aware of the breach, where feasible."

    Source: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/personal-data-breaches/

  • WebGuru said: Over the last few months, our client area has been experiencing odd caching issues which proved to be a problem to pinpoint.

    I cannot understand why it should be so difficult to find the cause. The logical approach would be to reproduce the problem with the default theme ("systpl=six" ) and if the problem is still replicatable, disable the hooks and modules one by one until the problem is gone.

    This is quite easy in WHMCS, because you just have to remove the custom folders and files.

    It would even be possible to setup a stock WHMCS instance with the existing database to rule out a server / module problem.

    I think HostDoc has either not been interested into this issue, or it is run by amateurs.

    I could be wrong, but isn't HostDoc the one that sent a mass mail to customers in a tantrum about the closement of a location because the datacenter want to charge money for an IP change?

    Thanked by 1dahartigan
  • Maybe the EU has "motivations" for requiring reporting of data breaches within 72 hours.

    Thanked by 1dahartigan


  • @Rhys said:
    So you've known about it for quite some time, and also known that data was leaking during that time yet have failed to report it within the required time defined by the GDPR?

    "At a glance
    The GDPR introduces a duty on all organisations to report certain types of personal data breach to the relevant supervisory authority. You must do this within 72 hours of becoming aware of the breach, where feasible."

    Source: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/personal-data-breaches/

    It took us some time to replicate it. At the time we did, we only saw services rendered leaked.

    It has not yet been feasible to submit a breach notice to ICO as we are still gathering data regarding the breach so the report is complete.

    @Tr33n said:

    WebGuru said: Over the last few months, our client area has been experiencing odd caching issues which proved to be a problem to pinpoint.

    I cannot understand why it should be so difficult to find the cause. The logical approach would be to reproduce the problem with the default theme ("systpl=six" ) and if the problem is still replicatable, disable the hooks and modules one by one until the problem is gone.

    This is quite easy in WHMCS, because you just have to remove the custom folders and files.

    It would even be possible to setup a stock WHMCS instance with the existing database to rule out a server / module problem.

    I think HostDoc has either not been interested into this issue, or it is run by amateurs.

    I could be wrong, but isn't HostDoc the one that sent a mass mail to customers in a tantrum about the closement of a location because the datacenter want to charge money for an IP change?

    Once again, initially, it was almost impossible to reproduce.
    WHMCS was involved and carried out their work and handed back the installation after making changes they thought might have been the issue.
    I had no reason to doubt their judgement and admittedly did not cross check.
    It was later found that the actual cause was a module which has since been disabled.

  • poissonpoisson Member
    edited January 2020

    @dahartigan do you have screenshots of names and addresses? Or just services as claimed? If you do, how long ago was it?

    Thanked by 1dahartigan


  • RossGRossG Member, Provider

    @HostDoc said:
    No, not yet.
    As is evident, the cause was not immediately known. As much as it seems the root cause has now been identified, I am still worried and would like to monitor a while longer before details are submitted.

    If you knew client names, addresses and emails were being exposed, you should have reported that to the ICO as soon as you found out, regardless of whether the cause was known or not.

  • HostDoc said: .. one thing I have always strived to provide is a decent service at the price point.

    I think we can all agree with this point.
    Focus ;-)

    Long live LowEndInfo.com

  • ok the client area is taken down for an undisclosed amount of time https://clientsarea.hostdoc.co.uk/clientarea.php

    Down for Maintenance (Err 3)
    Panel down for an undisclosed amount of time.
    For support requests, please use live chat.

    To be honest i was always impressed with their 24/7 live chat whenever i visited their site someone was live to assist but it looks like in the end that live chat module proved to be the culprit here!

    Looks like Live Chat is also taken down https://hostdoc.co.uk/

  • They are reinstalling WHMCS and going back to basic setup i believe without these modules

    It has been decided to take the advice of a few individuals and be sure the issue is totally eradicated by reinstalling our client area and migrating the database over.

    As such, the client area will be down until such a time to set up a VPS and installation is found.
    All services will remain operational and should assistance be required, please use the live chat on any of our "many" sites.

    If an invoice is due, there will be no sanctions for late payment.

    Kind regards.
    HostDoc Hosting Team

  • hzrhzr Member, Moderator
    edited January 2020

    HostDoc said: As much as many might not like the brand or my responses to threads/toxic comments/tickets, one thing I have always strived to provide is a decent service at the price point.

    While I do like your promotions and past threads, the way you responded seems rather irrationally legally risky on LES, considering they are trying to warn you in good faith of GDPR, data protection, CCPA, etc. violations instead of repeatedly reloading to siphon off as much data as possible.

    Sure, while it might not be a "hack" breach, I believe your time would have been better off spent trying to do root cause analysis of such a massive, critical issue - if it happens even once, extremely concerning and not "just a bug" - instead of yelling at people.

    I can assure you that I don't think hostdoc is a "scam operation" or anything, but the handling of this multiple-occurrence incident is not what I'd consider handled well.

  • LeeLee Member

    If data has been leaked and from your website, you are ICO registered then I would be more concerned at your delay in reporting this.

    Service providers (eg telecoms providers or internet service providers) have certain obligations if a personal data breach occurs. These are set out in regulation 5A.

    A personal data breach may mean that someone other than the data controller gets unauthorised access to personal data.

    If you are a service provider, you must:
    notify the ICO;
    consider whether to notify your customers; and
    record details in your own breach log.

    You must notify the ICO within 24 hours of becoming aware of the essential facts of the breach.

    Yet you seem to have been aware of this for quite some time? You suggest that is because the reason for the breach was unknown, that is not how it works.

    Thanked by 1uptime
  • dahartigandahartigan Member without signature

    @poisson said:
    @dahartigan do you have screenshots of names and addresses? Or just services as claimed? If you do, how long ago was it?

    I do, and just under a week ago.

  • deankdeank Member, Troll

    tl;tr

    The end is nigh.

    "Jarland is stupid."

  • Just for completeness, @dahartigan, did you come across or were made aware of the issue, whilst working/collaborating with HostDoc?

    Long live LowEndInfo.com

  • dahartigandahartigan Member without signature

    @AlwaysSkint said:
    Just for completeness, @dahartigan, did you come across or were made aware of the issue, whilst working/collaborating with HostDoc?

    I did, the first time I saw it I told Chike and he assured me it was fixed. I have since then seen multiple people report the issue over time, mostly unresolved, but gets "fixed" temporarily.

    My access was a tawk.to login, tickets in whmcs and create/edit in virtualizor.

    Thanked by 1AlwaysSkint
  • jarjar Provider
    edited January 2020

    Found in headers from a curl:

    X-Server-Powered-By: Engintron

    https://engintron.com

    "with an additional micro-cache layer to significantly improve performance for dynamic content generated by CMSs like WordPress, Joomla or Drupal"

    Might this help to identify the cause? This is a significant stack that focuses on caching. Looks like it uses APC + memcached. Could it be caching the dynamic data and returning it to other visitors when they hit the same URLs?

  • RossGRossG Member, Provider

    @jar said:
    Found in headers from a curl:

    X-Server-Powered-By: Engintron

    https://engintron.com

    Might this help to identify the cause?

    The cause is (most probably) the micro caching with Engintron:

    if you get 100 visitors requesting the same page in 1 sec, generate the page from the absolute first visitor and then serve the rest 99 visitors the cached copy of that page

    If you curl and look for the "x-nginx-cache-status" header, then quickly curl again within a second you should see it turn from EXPIRED to HIT.

    From what others have posted, I assume this is what happened - somebody logged in then another client was served the cached version of their dashboard.

    Looks like a really simple configuration issue, hopefully it should be able to be resolved quite easily.

    Thanked by 3jar dahartigan FHR
  • FranciscoFrancisco Top Provider

    jar said: Might this help to identify the cause? This is a significant stack that focuses on caching.

    For sure.

    We tried it on shared but you have to turn off basically all caching if there's cookies just to be safe.

    Francisco

    Thanked by 3jar skorous FHR
    BuyVM - Free DirectAdmin, Softaculous, & Blesta! / Anycast Support! / Windows 2008, 2012, & 2016! / Unmetered Bandwidth!
    BuyShared - Shared & Reseller Hosting / cPanel + Softaculous + CloudLinux / Pure SSD! / Free Dedicated IP Address
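
The failure mode RossG and Francisco describe above, as a toy model added here for illustration (it is not Engintron, nginx or WHMCS code, and it is not from any poster in this thread). The backend, session IDs, request timings and the 1-second TTL are constructed; `bypass_on_cookie` is a hypothetical switch standing in for "turn off caching if there's cookies".

```python
# Added illustration: toy model of a URL-keyed micro-cache in front of a
# session-based client area. All names, paths and sessions are constructed.

SESSIONS = {"sid-alice": "alice", "sid-bob": "bob"}  # constructed session store


def backend(path, cookies):
    """Hypothetical origin app: renders the page for whoever owns the session."""
    user = SESSIONS.get(cookies.get("session"))
    if user is None:
        return "Please log in"
    return f"Dashboard for {user}: services, tickets, name and address"


class MicroCache:
    """Caches whole responses for `ttl` seconds, keyed on the URL path only."""

    def __init__(self, origin, ttl=1.0, bypass_on_cookie=False):
        self.origin = origin
        self.ttl = ttl
        self.bypass_on_cookie = bypass_on_cookie
        self.store = {}  # path -> (expires_at, body)

    def fetch(self, path, cookies, now):
        """Return (body, cache_status) for a request arriving at time `now`."""
        if self.bypass_on_cookie and cookies:
            # Hardened: a request carrying cookies is never served from,
            # or written to, the shared cache.
            return self.origin(path, cookies), "BYPASS"
        entry = self.store.get(path)
        if entry is not None and now < entry[0]:
            return entry[1], "HIT"  # body was rendered for an earlier visitor
        status = "MISS" if entry is None else "EXPIRED"
        body = self.origin(path, cookies)
        self.store[path] = (now + self.ttl, body)
        return body, status


# Constructed request sequence: (time in seconds, user, session cookie).
REQUESTS = [
    (0.0, "alice", "sid-alice"),
    (0.4, "bob", "sid-bob"),  # inside the 1 s cache window
    (1.5, "bob", "sid-bob"),  # after the cached entry has expired
]


def replay(cache, path="/clientarea.php"):
    """Run REQUESTS through `cache`; return [(user, status, body), ...]."""
    trace = []
    for now, user, sid in REQUESTS:
        body, status = cache.fetch(path, {"session": sid}, now)
        trace.append((user, status, body))
    return trace


def cross_user_hits(trace):
    """Entries where a user received a page rendered for someone else."""
    return [(user, status) for user, status, body in trace
            if f"Dashboard for {user}:" not in body]


if __name__ == "__main__":
    for label, cache in [
        ("url-keyed", MicroCache(backend)),
        ("cookie-bypass", MicroCache(backend, bypass_on_cookie=True)),
    ]:
        trace = replay(cache)
        print(label, [(u, s) for u, s, _ in trace],
              "cross-user:", cross_user_hits(trace))
```

In this model the cross-user page appears only when a second logged-in request lands inside the TTL window, and the same request returns the correct page once the entry has expired.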
  • MikePTMikePT Member, Provider

    @jar said:
    Found in headers from a curl:

    X-Server-Powered-By: Engintron

    https://engintron.com

    "with an additional micro-cache layer to significantly improve performance for dynamic content generated by CMSs like WordPress, Joomla or Drupal"

    Might this help to identify the cause? This is a significant stack that focuses on caching. Looks like it uses APC + memcached. Could it be caching the dynamic data and returning it to other visitors when they hit the same URLs?

    May very well be it.

    Thanked by 1dahartigan
  • MikeAMikeA Member, Provider
    edited January 2020

    @jar @MikePT When I first started doing cPanel hosting 2-3 years ago I used Engintron, had tons of issues with caching forums that would cause forum users to see others' profiles. I would say that's definitely the issue. I think I disabled caching in Engintron completely but eventually dumped it because of some other smaller issues.

    ExtraVM - AMD Ryzen VPS starting @ $3.50
    USA (TX, VA, FL), CA, FR, UK, SGP, AU

  • I gave up on engintron a few years back - just wasn't playing 'nice' with oscommerce stuff (WHM/cPanel VPS).

    Long live LowEndInfo.com

  • Oh dear! This is sad.
    Hopefully HostDoc knows what the law says. I don't want to see HostDoc going down because of the big fines. This is not a small thing. It needs 100% focus.

  • Is just name, email and address. Honestly this is already leaked around, even in your domain whois... or in some hosting db dump. Nothing really sensitive.

    Chill....

    Thanked by 2jar BlaZe
  • MikeAMikeA Member, Provider

    @Hxxx said:
    Is just name, email and address. Honestly this is already leaked around, even in your domain whois... or in some hosting db dump. Nothing really sensitive.

    Chill....

    Tickets can have sensitive information. With the way caching works many sensitive things can be leaked that aren't just that. But yeah, your basic info is everywhere.

    Thanked by 1dahartigan


  • dahartigandahartigan Member without signature

    @jar said:
    Found in headers from a curl:

    X-Server-Powered-By: Engintron

    https://engintron.com

    "with an additional micro-cache layer to significantly improve performance for dynamic content generated by CMSs like WordPress, Joomla or Drupal"

    Might this help to identify the cause? This is a significant stack that focuses on caching. Looks like it uses APC + memcached. Could it be caching the dynamic data and returning it to other visitors when they hit the same URLs?

    Nice find! I would actually be highly surprised if it didn't turn out to be that after all given that just about everything else has been pinpointed as the cause (tawk, whmcs, cosmic rays etc etc)

    The fact that it is also a very logical and likely explanation for the issue helps too :)

  • @MikeA said:

    @Hxxx said:
    Is just name, email and address. Honestly this is already leaked around, even in your domain whois... or in some hosting db dump. Nothing really sensitive.

    Chill....

    Tickets can have sensitive information. With the way caching works many sensitive things can be leaked that aren't just that. But yeah, your basic info is everywhere.

    Well I mean... yeah if you put your password in the title of a ticket lol. But otherwise based on the info here is just titles.

  • dahartigandahartigan Member without signature

    @MikeA said:

    @Hxxx said:
    Is just name, email and address. Honestly this is already leaked around, even in your domain whois... or in some hosting db dump. Nothing really sensitive.

    Chill....

    Tickets can have sensitive information. With the way caching works many sensitive things can be leaked that aren't just that.

    Exactly this. Enough can be gleaned by what's leaking here to successfully use social engineering against the provider.

    But yeah, your basic info is everywhere.

    True, but generally not tied to a service in a way that could be used against you. I could give a stranger who lives on the other side of the country the keys to my house, and as long as he had no idea where I live I'd be safe. Imagine if I gave the keys to my house to someone random on my street..

  • jarjar Provider

    @MikeA said:

    @Hxxx said:
    Is just name, email and address. Honestly this is already leaked around, even in your domain whois... or in some hosting db dump. Nothing really sensitive.

    Chill....

    Tickets can have sensitive information. With the way caching works many sensitive things can be leaked that aren't just that. But yeah, your basic info is everywhere.

    I think it's safe to assume that only pages without specific IDs in the URL would have been leaked, unless someone started cycling through IDs. At least that can technically, although quite time consuming, be audited to see if any pages with IDs (product ID, ticket ID) were viewed by someone who hadn't logged into the matching account.

    Thanked by 1Clouvider
  • dahartigandahartigan Member without signature

    @Rhys said:

    @HostDoc said:

    No, not yet.
    As is evident, the cause was not immediately known. As much as it seems the root cause has now been identified, I am still worried and would like to monitor a while longer before details are submitted.


    The client area has been taken down numerous times for us to carry out work regarding this matter. It was never just left operational while knowing it was leaking.

    As much as many might not like the brand or my responses to threads/toxic comments/tickets, one thing I have always strived to provide is a decent service at the price point.

    So you've known about it for quite some time, and also known that data was leaking during that time yet have failed to report it within the required time defined by the GDPR?

    "At a glance
    The GDPR introduces a duty on all organisations to report certain types of personal data breach to the relevant supervisory authority. You must do this within 72 hours of becoming aware of the breach, where feasible."

    Source: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/personal-data-breaches/

    Here's an interesting quote from https://hostdoc.co.uk/privacy-policy/

    Specifically, your personal data will be stored in accordance with the Payment Card Industry Data Security Standard

  • MikePTMikePT Member, Provider

    @MikeA said:
    @jar @MikePT When I first started doing cPanel hosting 2-3 years ago I used Engintron, had tons of issues with caching forums that would cause forum users to see others' profiles. I would say that's definitely the issue. I think I disabled caching in Engintron completely but eventually dumped it because of some other smaller issues.

    Never liked that piece of shit. :P

  • RhysRhys Member, Provider

    @dahartigan said:

    @Rhys said:

    @HostDoc said:

    No, not yet.
    As is evident, the cause was not immediately known. As much as it seems the root cause has now been identified, I am still worried and would like to monitor a while longer before details are submitted.


    The client area has been taken down numerous times for us to carry out work regarding this matter. It was never just left operational while knowing it was leaking.

    As much as many might not like the brand or my responses to threads/toxic comments/tickets, one thing I have always strived to provide is a decent service at the price point.

    So you've known about it for quite some time, and also known that data was leaking during that time yet have failed to report it within the required time defined by the GDPR?

    "At a glance
    The GDPR introduces a duty on all organisations to report certain types of personal data breach to the relevant supervisory authority. You must do this within 72 hours of becoming aware of the breach, where feasible."

    Source: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/personal-data-breaches/

    Here's an interesting quote from https://hostdoc.co.uk/privacy-policy/

    Specifically, your personal data will be stored in accordance with the Payment Card Industry Data Security Standard

    I'd love to see their PCI compliance cert.

    Thanked by 1dahartigan
  • PieHasBeenEatenPieHasBeenEaten Member, Moderator

    Someone call the nurse the doc is out!

    Thanked by 1TimboJones
  • JordJord Moderator, Provider

    Did someone say, Nurse?

    BillingServ - Easy, simple, and hassle-free online invoicing solution. Contact us today.
    BaseServ Certified to ISO/IEC 27001:2013

  • dahartigandahartigan Member without signature

    Looks like whmcs is back online and accepting signups and payments again.. does this mean it's fixed? What was the problem?

This discussion has been closed.