This popular web hosting service left 800m records exposed online

DreamHost exposed 86.15GB of data in total

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

DreamHosthas been outed by a security researcher who discovered around 814 million customer records had been leaked under theweb hostingfirm’s watch.

A database without password protection was found by Jeremiah Fowler, co-founder of Security Discovery, and the Website Planet research team.

Ina report, Fowler claimed that the leaked data included admin and user information for DreamHost’s DreamPressWordPress hostingaccounts, such as login location, first and last names, email addresses, usernames, roles, host IP addresses and timestamps.

TechRadar Proreached out toDreamhostfor a comment and was told that 21 websites were affected, and the only party outside of DreamHost to see this data was a security researcher who worked with the web hosting firm to resolve the issue.

DreamHost data leak

The total size of the exposed data was 86.15GB with 814,709,344 total records, according to the report Fowler authored.

While DreamHost acknowledged that those figures were correct, the company denied that the database contained Personally Identifiable Information (PII) of DreamHost customers.

Instead, the company released a statement about the leaked records and mentioned that the database consisted of object update records, error reports, and log entries.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

DreamHost also said the database was only accessible outside of its network for twelve hours during an active maintenance window.

“A logging database had been used for storing test data related to feature development. This database was not properly configured for authentication. A firewall configuration issue temporarily made this database accessible outside of our network,” said the DreamHost team.

To resolve the issue, DreamHost said it corrected the configuration issues resulting in outside accessibility, removed stale testing data and contacted the 21 website owners that were affected.

ViaWebProNews

Abigail is a B2B Editor that specializes inweb hostingandwebsite buildernews, features and reviews at TechRadar Pro. She has been a B2B journalist for more than five years covering a wide range of topics in the technology sector from colocation and cloud to data centers and telecommunications. As a B2B web hosting and website builder editor, Abigail also writes how-to guides and deals for the sector, keeping up to date with the latest trends in the hosting industry. Abigail is also extremely keen on commissioning contributed content from experts in the web hosting and website builder field.

Best free and public DNS server of 2024

Zoho turns to Nvidia NeMo to build proprietary LLMs

I’ve used Genmoji and now I’m convinced Apple Intelligence will be a huge success