Got Hacked | MySQL Database being held for ransom, any mitigation?

Just now, I discovered this after I checked our workplace database; apparently we got hacked.

mysql> select * from README\G
*************************** 1. row ***************************
id: 1
readme: To get well your misplaced Database ship 0.017 Bitcoin (BTC) to our Bitcoin handle: ****************** After this, contact us by electronic mail along with your Server IP or Area Identify and a Proof of Fee (Fee ID). Your Database is downloaded and backed up on our servers. Backups that we’ve got proper now: (my db checklist). Any electronic mail with out your server IP Tackle or Area Identify and a Proof of Fee collectively can be ignored. If we dont obtain your fee within the subsequent 10 Days, we are going to delete or leak your delicate data.
BTC_address: ************************************
electronic mail: db*****0*@***mail.com
1 row in set (0.00 sec)

Fortunately I've set up a db backup system, and I can simply restore to a known good state. Our webapp on /var/www appears not to be affected, though I would be an idiot to trust this machine now.

Is there any mitigation to reduce the chance of this happening? This is my first time getting MySQL hacked. I think the hacker got access through some kind of remote exploit using PHP. I've checked the SSH log and found nothing unusual; the server has fail2ban set up and it's working correctly.