Cyber Incident Victim: Hover

On August 5, 2015, domain registrar Hover, a subsidiary of Tucows, notified users via email of a security incident involving potential unauthorized access to one of its internal systems. The company stated this access "could have occurred" during a brief, unspecified timeframe but emphasized no evidence indicated actual compromise of user accounts. As a precautionary measure, Hover proactively reset all customer passwords, locking users out of their accounts until they completed a password reset process. Affected customers were instructed to use the "I forgot my password" feature on Hover's login page to regain access. The company characterized its response as erring on the side of "extreme caution" given the theoretical risk, though it provided no technical details regarding the nature of the system exposure, potential attack vectors, or forensic findings.

The password reset action impacted all Hover account holders, requiring immediate credential changes regardless of individual risk indicators. Hover's website displayed a prominent password recovery link but offered no additional public statements or incident details beyond the initial email, creating what external observers described as an information vacuum. While the company maintained there was no proof of account breaches, security analysts noted the theoretical risk extended beyond Hover if customers reused compromised credentials across multiple services. The incident drew criticism for lacking transparency regarding the affected system's function, exposure duration, or remediation steps beyond password resets. No data categories beyond account access credentials were referenced as potentially exposed, and Hover did not disclose whether multi-factor authentication adoption rates influenced their response strategy.