Did either of the two Romanian hosting companies, seemingly facing unrelated breaches, ever issue a public notice?

Do you remember when we had a natter about that supposed incident with TIC Hosting, the Romanian lot back in April 2023? Apparently, they didn’t fancy chatting about it and didn’t even inform their own data protection regulator about a suspected breach. How cheeky is that? Well, that seemed to be the end of it really.

Well, bring out your tea and biscuits because there’s more. Apparently, our friends at DataBreaches popped up on the radar again in December, thanks to the original source of the whole TIC Hosting affair. Turns out TIC did a bit of a switcharoo and rebranded themselves as TorchByte. Seems like they fancied a fresh start after the muddle they found themselves in. Or so they thought.

Mind you, there’s a bit of a kerfuffle about them now allegedly offering benefits in exchange for positive reviews. That’s breaking TrustPilot’s rules, a proper no-no that is.

Dig a bit deeper and it seems they didn’t take that original vulnerability seriously. And if what I’ve heard is right, around 300 active customers were affected at the time. One can’t help but feel a bit sorry for TorchByte’s customers, poor things.

TrustPilot claims to be going all Sherlock Holmes on the matter after being alerted to the situation. But as with all good mysteries, there’s a fair bit of hush-hush going on. Something about keeping the investigating confidential, except for the accused party of course. The whole thing is a bit of a puzzle really.

There’s a lone 5-star review that popped up on the same date as TorchByte’s plea for reviews. Meanwhile, there’s an interesting verified 1-star review dating from August 2022 that accuses TorchByte of offering fake reviews. Pip pip, what’s TrustPilot doing about all this then? TorchByte might want to give their security a good once-over, otherwise they might end up with quite a few unhappy customers on their hands.

Now while TorchByte might be making their performance debut in the scandal spotlight, they’re not the only Romanian hosting firm in hot water. There’s a plot twist, isn’t there? Turns out ITITAN Hosting had an alleged breach as well.

An insider, a former customer of ITITAN Hosting, spotted the breach and even came with a screencap and pair of files. Apparently, the data of certain nodes was deleted, and ITITAN was offering an extra 10 days of free hosting as compensation. The worst part? The admin allegedly banned the informant after they started asking questions. Bit shady, don’t you think?

Further down the rabbit hole, customers apparently also received an email instructing them on how to complain to the Data Protection Authority about ITITAN Hosting. The plot thickens! Who knew cybersecurity could get this spicy?

Now, ITITAN’s site was unresponsive briefly, but it’s up and running again. No word, however, on whether they’re allowing their customers to request refunds, despite their stated terms and conditions.

Inquiring minds (looking at you, DataBreaches) have since pitched their questions to ITITAN on customer data and security practices, but as expected, the response has been as silent as a library. They’ve also sent off an inquiry to the ever-popular Data Protection regulator, who, we must eagerly wait to see, hasn’t given their full response yet.

So, sit tight and keep an eye out. We’ll update you once the tea spills!

by Parker Bytes