Staminus Communications Hacked, Customer Info Stolen

Internet hosting provider Staminus Communications, which specializes in protecting against distributed denial of service attacks (DDoS), was itself hacked during the past day and customer information stolen, the firm said in a statement today.

The Newport Beach, Calif., firm’s own public website appeared to have been wiped of all content and today featured only a logo and a statement from CEO Matt Mahvi announcing the security breach.

“As a result of this intrusion, our systems were temporarily taken offline and customer information was exposed,” he said. “Upon discovering this attack, Staminus took immediate action including launching an investigation into the attack, notifying law enforcement and restoring our systems.”

Several media reports speculated the attack could be politically motivated, because Staminus hosts the website of the national Ku Klux Klan.

The outage began Thursday and lasted about 20 hours.

Customers were advised to change their Staminus passwords.

“Based on the initial investigation, we believe that usernames, hashed passwords, customer record information, including name and contact information, and payment card data were exposed,” Mahvi said in the statement.

United Kingdom newspaper The Register reported that the hackers posted the personal information online in a file titled “Tips when running a security company.”

“I fully recognize that our customers put their trust in Staminus and, while we believe that the issue has been contained, we are continuing to take the appropriate steps needed to safeguard our clients’ information and enhance our data security policies,” Mahvi said. “We will provide updates, as appropriate, as the investigation continues.”

Send tips and news to [email protected].