Distribute.IT data unrecoverable post-hack

Distribute.IT data unrecoverable post-hack

Summary: Wholesale registrar Distribute.IT, which suffered a targeted attack last week, today admitted that any customer data, sites and emails hosted on four of its servers is considered to be unrecoverable.


Wholesale registrar Distribute.IT, which suffered a targeted attack last week, today admitted that any customer data, sites and emails hosted on four of its servers is considered to be unrecoverable.

"While every effort will be made to continue to gain access to the lost information from those hosting servers, it seems unlikely that any usable data ... can be salvaged from these platforms," the company said.

"In assessing the situation, our greatest fears have been confirmed that not only was the production data erased during the attack, but also key backups, snapshots and other information that would allow us to reconstruct these servers from the remaining data."

The company said that it had been advised that it doesn't have sufficient resources to transfer the 4800 domains and accounts affected to other parts of the platforms and that it couldn't undertake further provisioning of services and accounts on the current infrastructure.

"This leaves us little choice but to assist you in any way possible to transfer your hosting and email needs to other hosting providers. We would like to thank those loyal customers who have stuck by us during this difficult time and elected to have their hosting remain on our servers."

Distribute.IT said that it would continue to try and recover the information from affected servers, but added that it believed it was a slim chance of recovering beyond what had already been salvaged.

The company's problems started with an attack on Saturday, 11 June, which Distribute.IT said was a deliberate attempt to take down the business by destroying drive header files and not an act aimed at stealing client data.

"The overall magnitude of the tragedy and the loss of our information and yours is simply incalculable; and we are distressed by the actions of the parties responsible for this reprehensible act," the company said.

Topics: Security, Hardware, Servers, Storage

Suzanne Tindal

About Suzanne Tindal

Suzanne Tindal cut her teeth at ZDNet.com.au as the site's telecommunications reporter, a role that saw her break some of the biggest stories associated with the National Broadband Network process. She then turned her attention to all matters in government and corporate ICT circles. Now she's taking on the whole gamut as news editor for the site.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • 1. I manage a company of
    • 1. I manage a company of less than 10 people. All our data exists in at least 5 off-site backup copies in 3 locations. I would expect no less from a truly professional company.

      2. There seems to be a lot of merit in the proposition that people who fail to have proper defensive software be denied Internet access, i.e. to enforce, brutally, mandatory security software.
      • Sounds like a bit of an overkill to me... there is a time and cost involved in maintaining backups at all those off-site locations.
  • Unforgiveable that the devices holding snapshot and archive backups were not fenced off behind their own internal firewall. Lack of any offsite backup also means the company had zero disaster recovery plan in place. The fact that the attacker could actually destroy critical data means that the security of customers' private data (including credit card info) was open to compromise. Hopefully this incident will be a wakeup call to others who lack fundamental security and backup policies.
  • DistributeIT said it didn't store any credit card information in its databases. It certainly is likely to be a wakeup call, but I feel sorry for the company, which seems to have been targeted in a very nasty manner.
    • ... but doesnt cover if their customers held C.Card info for their public customers/end users. One would hope not since PCI ( https://www.pcisecuritystandards.org/ ) effectively prohibits this... or does no-one else actually follow PCI given the AU banks don't actually seem to care ?
  • A Verizon survey said that only 22 per cent of organisations were compliant with PCI DSS.

  • 'Hack on Distribute.IT systems" - June 13th - fail but recoverable.
    backups gone too - FAIL - who stores backups ONLY online so theres nothing offsite in theevent of a site catastrophe?
    still not up - June 20th - bigger FAIL - I guess there was ZERO DR planning for this to still be off the air over a week later? Tape restores takes hours (or few days) not a week!
    "were sorry - go elsewhere" - June 21st - MONUMENTAL FAIL - Is this the public death notice announcement for this company?
    media slow to acknowledge this hack/outage - fail - seriously ZDnet, 9 days to pick up on this?
    fail - Auda - what checks and balances are in place to certify someone? Just pay the upfront $15.5K and complete the registration form?