FYI...
Hetzner web hosting service hacked, customer data copied
- http://h-online.com/-1884574
7 June 2013 - "Web hosting service Hetzner has fallen victim to an attack during which hackers managed to harvest customer data. Among other things, the intruders had access to password hashes and customers' payment information. Apparently, a previously unknown server rootkit was used for the attack. In an email sent to customers on Thursday afternoon, the company said that unknown intruders had compromised several Hetzner systems. Apparently, the incident was discovered at the end of last week... although this data is encrypted asymmetrically, it can't be ruled out at this point that the private crypto keys that are required for decryption were copied as well. The attackers were also able to access customers' credit card data (the last three digits of credit card numbers, the expiry date and the card type) as well as salted SHA256 password hashes... current information suggests that the manipulated Apache instances were not used to deploy malware. It remains unclear who is behind the attack. How the hackers intruded into the server has yet to be established as well. The hosting company said that the German Federal Criminal Police Office (BKA) has been informed."