Web Hosting Service ‘DreamHost’ Leaked 814 Million Records of Customer Data

A team of researchers found an unprotected database of over 86 GB on the Web containing over 814 million records with information about usernames, display names, email addresses and other information related to DreamPress accounts.

Web Hosting Service ‘DreamHost’ Leaked 814 Million Records of Customer Data

DreamPress is a managed WordPress hosting offered by DreamHost, one of the largest American web hosting providers.

The leaked database included information about WordPress accounts hosted or installed on DreamHost servers from March 2018 to April 2021. Specifically, the entries contained admin and user information (admin login url, first and last names, internal and external users’ email addresses, logins, roles), host IP and timestamps, build and version information, plugin details and themes, including configuration and what they were used for.

Web Hosting Service ‘DreamHost’ Leaked 814 Million Records of Customer Data

In addition, 10,000 entries contained email addresses associated with WordPress accounts in the .gov and .edu domain zones.

Web Hosting Service ‘DreamHost’ Leaked 814 Million Records of Customer Data

Experts found the database in April this year and immediately notified the owner. For several hours, access to the database was closed. It is currently unclear how long the database has been on the Web, and who, other than researchers, got access to it. It is also unknown if DreamHost notified DreamPress users of the leak.

Catch up on more articles here

Follow us on Twitter here

Popular

Must read

MORE ON THIS TOPIC:

Related Posts