Information for ownCloud Users Regarding the Hudson Rock Report
Overview
A January 2026 threat intelligence report by Hudson Rock identified credential theft incidents affecting organizations using various self-hosted file sharing platforms, including some ownCloud Community Edition deployments. This page provides clarity on what occurred and the steps you should take to protect your environment.
What Happened
The ownCloud platform was not hacked or breached. The Hudson Rock report explicitly confirms that no zero-day exploits or platform vulnerabilities were involved. The report states: “These catastrophic security failures were not the result of zero-day exploits in the platform architecture.”
The incidents occurred through a different attack chain: threat actors obtained user credentials via infostealer malware (such as RedLine, Lumma, or Vidar) installed on employee devices. These credentials were then used to log in to ownCloud accounts that did not have Multi-Factor Authentication (MFA) enabled. As the report notes: “No exploits, no cookies—just a password.”
Immediate Action: Enable MFA
If you have not enabled Multi-Factor Authentication on your ownCloud instance, do so immediately. MFA adds a critical second layer of verification that prevents unauthorized access even when credentials are compromised.
Recommended steps:
- Enable MFA on all user accounts using ownCloud’s two-factor authentication apps
- Reset passwords for all users and require strong, unique credentials
- Review access logs for any suspicious login activity
- Invalidate active sessions to force re-authentication with MFA
Enterprise-Grade Security with Kiteworks
For organizations seeking the highest level of protection for sensitive content, Kiteworks offers a migration path from ownCloud to an enterprise-grade platform with security built in by default.
Unlike self-managed deployments where security depends on proper configuration, Kiteworks is delivered as a hardened virtual appliance with multiple layers of protection that cannot be disabled or misconfigured:
- Comprehensive MFA options with administrative controls to enforce policies organization-wide, plus alerts when risky settings are used
- Embedded network and web application firewalls that are pre-configured and continuously updated—no customer maintenance required
- Zero-trust architecture with double encryption, sandboxed components, and blocked lateral movement
- No operating system access for customers or admins, eliminating configuration drift and human error
- One-click updates like a smartphone to avoid the hassles of separately installing updates for databases, operating systems, and applications code, thus making it easy to keep security and functionality fixes up to date
Talk to Us
To learn more about securing your ownCloud environment or migrating to Kiteworks, contact our team at https://www.kiteworks.com/contact-us/