Loopia, one of the largest web hosting companies in Sweden, fell victim to a computer scam that leaked customer data, affecting around 100,000 customers, the company announced on Friday.
The web host is searching for possible weaknesses in their system that may have enabled hackers to breach their network. Extra security measures have already been introduced.
To be safe, customers were advised to update their user information, as hackers had accessed the customer database, including personal information required when signing up for an account, contacts and encrypted (hashed) passwords.
The company assures customers that hackers didn’t access information related to payments and credit cards, and their sites and email services were not affected. As a precaution, all customer numbers and passwords to customer accounts were changed.
“The violation has not affected your services such as email, web pages, databases or passwords to your email at Loopia,” reads their website (translation from Swedish). “We also want to emphasize that payment card information is not saved in Loopia’s environment and is thus not affected by the infringement. In accordance with Loopia’s policy, the violation has been reported to the police.”
The attack took place on Tuesday, but, although aware of the breach, Loopia management chose to inform their customers via email on Friday, to better understand the size and scope of the attack, explained Loopia CEO, Jimmie Eriksson.
Loopia hosts many web domains, and serves customers including the city of Stockholm, Karolinska Institute and Västra Götaland Region.