At least 4800 Australian websites have been lost with no chance of recovery following a break-in at Australian domain registrar and web host Distribute.IT.
The hack attack caused so much damage that four of the company’s servers were “unrecoverable”, the company said, leaving thousands of website owners in the lurch.
“The overall magnitude of the tragedy and the loss of our information and yours is simply incalculable; and we are distressed by the actions of the parties responsible for this reprehensible act,” Distribute.IT said.
As reported by Fairfax Media last week, Distribute.IT was hit with a “deliberate, premeditated and targeted attack” on its servers last Saturday but it is still struggling to work out exactly what happened or how much data was stolen.
Security experts warned that thousands of websites were vulnerable to being hijacked and extensive private data were at risk of being stolen.
Customers hit the Whirlpool forums to complain that Distribute.IT had not adequately responded with information about the break-in and that the hack “has probably killed my business”.
In a statement published today, Distribute.IT said it had been working around the clock in an attempt to recover data from its affected servers.
“At this time, We regret to inform that the data, sites and emails that were hosted on Drought, Hurricane, Blizzard and Cyclone can be considered by all the experts to be unrecoverable,” it said.
“While every effort will be made to continue to gain access to the lost information from those hosting servers, it seems unlikely that any usable data will can be salvaged from these platforms.
“In assessing the situation, our greatest fears have been confirmed that not only was the production data erased during the attack, but also key backups, snapshots and other information that would allow us to reconstruct these servers from the remaining data.”
The company said 4800 websites were affected and since it did not have the capacity to transfer the domain names to other parts of its platform, Distribute.IT had no choice “but to assist you in any way possible to transfer your hosting and email needs to other hosting providers”.
The significant data loss has raised questions from backup experts as to why Distribute.IT did not appear to have offsite backups of customer data.
Distribute.IT has still not been able to get its website back online and it is using a Google Blogger account to update customers. Its phone lines have been ringing out and its email is down, forcing the company to use a temporary Gmail addresss – firstname.lastname@example.org.
Rob McAdam, CEO of security firm Pure Hacking, said the issue was a “catastrophic problem” for those with websites hosted by Distribute.IT.
“If these clients of Distribute.IT had no other backup other than what was at Distribute.IT, they would then have to rebuild their site – from scratch,” he said.
“From the Distribute.IT blog post, it appears that they have lost all of the content for these web sites and any associated backups that Distribute.IT kept.”
James Turner, security analyst at IBRS, said: “This could be the nightmare scenario that every small/medium businessperson working on the internet has in the back of their minds. If the attack is as described then the malice behind it is appalling.”
On the Whirlpool discussion forums, where there are over 60 pages of posts discussing the Distribute.IT hack, customers were livid at finding out their data was gone forever.
“I think I’m in shock … I have lost everything …. I couldnt possibly replicate all those years of work again … my whole lifes work is gone down the drain,” wrote one.