Company wrote that first they came to know about the breach on early evening of 3rd July 2018, but after investigation they found that a data feed after a system change inadvertently made certain customer information accessible to outside parties as of 29 January 2018.
After the investigation of data breach, company said hacker may have accessed the following information -
- Customer Name
- Company name
- customer number
- phone number
- DomainFactory phone password
- Date of birth
- Bank name and account number (eg IBAN or BIC)
- Schufa score
DomainFactory assured that they have patched the Vulnerability due to which the breached happens and also noted they have also improved the security level.
Worst to be Happen!!
On this breach, your login details and other personal information have not only been stolen but hackers also took all yoir bank details. However, company says, with the stolen data hackers can easily make a debit from users bank account.
"Someone who has been given unauthorized access to your information, it is possible to use your identity or to create direct debits for your bank account or otherwise misuse their information at DomainFactory.DomainFactory request its all users to immediately change their passwords and also keep an eye on their bank statements. Company have provided a link to a page which guides users to change their passwords.
As a precaution, we recommend that you change your passwords for your DomainFactory accounts as soon as possible."DomainFactory regrets to its all users about the data breach and ensure that they are investigating this incident and also working with security firms for forensic investigation.
Company have not provided how many users have been affected or to what extent it cause damage.