Cyber attack on Draco Charters Website, 13 January 2020
Image by Pete Linforth from Pixabay

Cyber attack on Draco Charters Website, 13 January 2020

We are a small company and operating in the modern cyber world. With this comes the modern-day threat of cybercrime.

So what happened?

This morning, 13 January 2020, we had a failed cyber attack on our website. We are glad to report that our firewalls and warning systems, have foiled their attempts to gain any meaning full entry to the website. We started with notifications that our numerous IP addresses were being blocked. Then we noticed that the attacker started to create 2 new profiles, which have extremely limited access. He/she must have noticed and then returned to “brute force” user and password hacking. That lead to more IP’s being blocked. Seeing as the attacker used multiple IP addresses, it did put a lot of strain on our server, the decision was made to turn off the server for a period of the day.

No credit card details

We pride ourselves that we take your security to hart. We want to make it clear that we do not store any credit card or payment details on our site or server. If you were a previous client, you will know that we will either deal in cash, bank deposit or other third party payments. None of it is done from the website itself.  Previously, we did investigate the possibility to do this, but due to the nature of the business we are in, this will not happen soon and when it is done it will be done via a secure third-party service provider.

What did we store on our site?

So the question that you might ask, is what information do we store here. The only information we did store was the contact information of the clients that have inquired about a charter and if they come through an affiliate link to us so we can pay the affiliate their share, which again is not done via the website/server.  With this threat and the security of our clients still our main concern, we have decided to remove this information and it is now being stored on a server that is not linked to the website.

New measures to keep our clients safer.

As an added security measure, we also have disabled user registering without physically contacting us. All user accounts will be validated and two-factor passwords will be inforced in the near future for all users.

Sorry if the switching off of the server affected you.

Our promise to you.

We will always take our client’s information and safety seriously. We will go over and beyond in this.