Australian Firm Suffers Massive Client Data Loss from Hacker Attack

 In Website Backup

Australian Firm Lost Almost all Customer Website Data Due to Hacking

According to an article in CRN.com.au, a small-sized Australian firm, Cyanweb Solutions recently lost almost all customer website data and backups due to a “criminal hacking.”

The digital marketing agency and web provider lost nearly all its customer data and backups after a hack successfully accessed a server and deleted almost all data.

The small Perth-based company focuses on website design, online marketing, hosting, and SEO for approximately 500 clients. Unfortunately, the company did not have offsite backups in place.

According to a recent posting on the Cyanweb Solutions website:

“A professional hacking group attacked, infiltrated the server and destroyed all data, including all available backup data. We highly suspect they were ‘professionals’, as at the time of the infiltration the server was being ‘overloaded’ (DDoS) by a highly suspicious range of sequential Swiss server IP addresses.

While our server admin was distracted by the DDoS attack, the hackers simultaneously infiltrated the server, escalated their privileges and delivered a seek and destroy payload.

This payload located and destroyed all backup disk drives using the ‘DD’ command, while running a super-fast encryption routine that encrypted all user accounts, while another routine sought out and deleted any core WordPress database tables using the default wp_ prefix.

Once the infiltration was discovered by the-then logged-in admin, the server was shut off immediately. Unfortunately, it was too late and only an estimated 12 percent of customer data survived the attack.”

Chief executive Jonathan Huckabee apologized to customers for what he called a “worst-case scenario” and was encouraging all affected businesses to set up email forwarding to an alternate email address.

“We do understand how difficult and devastating this event is for everyone. We will contact you as soon as possible with full disclosure and options,” Huckabee said.

“Unfortunately there is nothing else we can do at this point in time and appreciate your understanding that this is a worst case scenario for everyone.”

This is a sobering reminder of how critical it is to have an offsite website backup and recovery solution in place. Cloud-based website backup and recovery like that offered by Dropsuite is an essential element of any business data protection plan, no matter how big or small the business is.

With the ever-increasing numbers and sophistication of hacker and ransomware attacks across the globe, even small companies are at risk. And smaller companies unfortunately pay a heavy price when their data is compromised or destroyed.

According to an article published in the Denver Post, 60 percent of companies go out of business 6 months after a cyber attack:

“The U.S’ National Cyber Security Alliance found that 60 percent of small companies are unable to sustain their businesses over six months after a cyber attack. According to the Ponemon Institute, the average price for small businesses to clean up after their businesses have been hacked stands at $690,000; and, for middle market companies, it’s over $1 million.”

Website Backup and Recovery Best Practices

When it comes to website backup and recovery best practices, the following is a helpful list to ensure maximum web data protection:

  1. Backup features should include daily automated backups, backup scheduling, the ability to backup on demand and a feature to provide various backup retention options
  2. Monitoring features for any good website backup solution should include daily site-change monitoring, alert notifications and the ability to customize alerts depending on the needs of the business. This ensures that if a change is detected, you are alerted.
  3. Restore and undo functions should include the ability to download zip files as needed or on a schedule, as well as to have the ability to download a backup with the click of a button.
  4. Security must include two-factor authentication and military-grade AES-256 bit encryption coupled with TLS / SSL connections to ensure data is secured in transit and at rest.

Contact Dropsuite for More Information on Website Backup

To make sure the nightmare scenario that happened to Cyanweb Solutions doesn’t happen to you contact one of our Dropsuite website backup and recovery solutions experts. Learn more about how to protect business website data from hackers using a cloud-based, secure and easy to use solution.

Call us: US +1-408-780-2106 or International +65 6813 2090 or email: sales@staging-dropsuite.kinsta.com.

* Sources:
Cyanweb Solutions
CRN Australia, “Perth-based Cyanweb Solutions hit by “criminal hacking”, website data and backups lost
The Denver Post, “60% of small companies that suffer a cyber attack are out of business within six months.

Recommended Posts