Sorry for my late reply in this thread. Don't know how come I missed it. Well, this one didn't pop up when I clicked 'View New Posts'. Weird but nevermind.
Now talking of Hostinger, will one of my domains is from them. So after I read this post and was alerted via email, I logged into Hostinger. Yeah, they forced me to change my password. Then I was given the link to the thread on their official blog and a brief note of apology popped up in the notifications. Further, in the email I'd received, it was said how their data was compromised even that they have taken different measures to secure their systems. They assured their users that they're looking into the matter and no personal information had been leaked yet.
Anyways now coming to security. Probably this case was that of a big explore rather than a backdoor. Moreover, yeah databases should be encrypted so as to prevent unauthorised exploitation.
You see I'm also associated with a Cyber Security company for 11 months now. Actually not as an employee you know, FYI I'm only 16 years old. So it happened that I'd applied for a scholarship in that agency so that I could learn advanced ethical hacking - like SQL Injection, penetration etc. They'd taken an initial screening test. Finding new eligible they entitled me to their best courses for free. In turn, I'm obliged to test their new security software, updates, bug fixes etc.
Now a couple of months back they discovered a dangerous security glitch in a top notch IT company in India itself. That security hole made the databases of the company vulnerable to injection attack.
Now y'all might be wondering why amnt I taking the name of the agency or the company which security threat they deciphered. Will, I've signed a pact with them wherein I'm bound not to reveal the name of their agency under any circumstances.
Now this example highlights how vulnerable can even the days of big companies be. Obviously you can't compare Hostinger to Google or Microsoft. Data breaches are one of the top reasons why users privacy gets compromised. You'd know how last July, Capital One got hacked and personal information of millions in US and Canada got released. Although the jacket was arrested and no data was leaked, but the fact still remains that security holes were there which enabled the hacker to do his job.
You take WordPress for example. I know it takes a lot of effort to make things and you shouldn't criticise what you cannot do, but honestly WordPress is full of security holes. Most of the outdated and free themes and plugins are but backdoors to gain access into your site and the rest is not to be mentioned. WordPress is the biggest cause if accounts getting suspended at HelioHost, wherein users websites are hacked and used for malicious purposes. That's when we start receiving complaints from various security websites, and we can't help but suspend their websites, with 90% if the cases being that the user is innocent. They're neither aware of when their website got hacked, not when was it suspended.
Thus I'd like to say that as technology advances data breaches are also on the rise. If appropriate measures can be taken, they can be prevented to a certain extent, but unfortunately cannot be completely done away with.
Agreed with @
Melvin, that you cannot expect 100% security from any provider, coz as I've said earlier too, advancement in technology means more security glitches remain ignored and pave the way for hackers to execute their malicious intentions. Safe browsing involves use of a VPN or a proxy, but a VPN is always more recommended.
