The breach encountered by MWeb Business this week was not a hack, says Internet Solutions (IS).
MWeb said accounts were compromised in an incident that saw the integrity of usernames and passwords being affected. The assumption was that this was a result of hacking.
However, IS CTO Prenesh Padayachee says, according to the IS log, there is no clear indication that the site was hacked, but that an authorised username and password was used to access the system.
“The user did attempt various SQL injections, but this was only after successful login. There were no failed login attempts.”
Padayachee adds that no other IS clients' information was accessed in the process.
The breach resulted in a number of MWeb Business customers' usernames and passwords being made publicly available. IS says it has since been working closely with MWeb to re-provision security on the affected system and to monitor for unusual activity.
“Additional security has been put in place to further enhance security. Internet Solutions is working closely with MWeb to ensure the continued functioning of the service in a robust fashion, while these services are being migrated onto different systems,” says Padayachee.
MWeb says fewer than 1 000 accounts were compromised. It explains that access was gained to IS's self-service management system that MWeb Business uses to provision and manage business accounts that have not yet been migrated to the MWeb network.
“The compromised accounts are the only MWeb Business customer accounts that have not yet been migrated to MWeb's own IPC network, following its launch in April.”
The service provider explains that historically MWeb Business re-sold IS's uncapped and fixed IP ADSL services, which were provisioned and managed by MWeb, using a Web-based management interface provided by IS.
Share