Hetzner Online GmbH
| Primary URL | Location | Industry | hetzner[.]com |
Country
Germany
|
Technology
|
|---|
Profile
Hetzner Online GmbH is a web hosting provider headquartered in Germany. It operates a South African branch known as Hetzner South Africa, which functions independently from the German parent. The company’s core business involves delivering hosting services that provide customers with control panel access, FTP capabilities, and invoicing systems. While the specific range of products (e.g., shared hosting, dedicated servers, cloud offerings) is not detailed in the source material, the incidents describe a typical web hosting environment. The organization serves customers in multiple markets, although exact geographic or sectorial scope is not stated in the available information.
In November 2017, the South African branch suffered a security breach when attackers exploited an SQL injection vulnerability to gain unauthorized access to its control panel database. The breach exposed customer personal information, domain names, FTP passwords, and bank account details, though administrator passwords and credit card data were not compromised. In response, Hetzner South Africa reset the exposed FTP passwords, advised customers to update related credentials, engaged external forensic investigators, and temporarily suspended access to the affected system. A second incident occurred on October 5, 2018, when unauthorized access to customer invoicing data—including names, contact details, identity numbers, and bank account information—was obtained, again without compromising payment credentials or account passwords. Following each breach, the company warned of potential phishing attempts using the stolen data and noted criticisms from customers regarding perceived inadequacies in breach notifications and security improvements. Although the German headquarters has also experienced historical breaches, no specifics are provided in the source material. No explicit details about the company’s ownership structure, parent‑subsidiary relationships beyond the branch distinction, or quantitative metrics such as employee count or revenue are available in the given information.