DreamHost web hosting hacked

By alexalex
in Smart Home, Network & Security

 Share

Recommended Posts

Grand Master

alexalex

Posted
Posted

Changing Shell/FTP Passwords due to Security Issue (RESOLVED)

Last night we detected some unauthorized activity within one of our databases. While we don?t have evidence that customer passwords were taken at this time, we?re forcing a change out of caution. Please login to our web panel and change any passwords you may have with us. We?ll keep this post updated as we get more information.

Update Jan 20th, 09:50pm PST: We?re going to set this post to resolved. We have been sending out update emails to every account owner we have, letting them know what happened, and how to proceed from here on out. As a precaution, we advise every user to change all email passwords as well. We are not forcing this change, however, so make sure you take care of that ASAP. ? Brian H

Update Jan 20th, 08:15pm PST: Forced updates to FTP/shell users should now be done. Any users that are locked out should update their passwords via the web panel. If you?re still unable to get in, please let support know asap. ? Brian H

Update Jan 20th, 04:00pm PST: We?re still updating all users to force a password change. We should be done with this soon. Also, you can expect an email with more details to follow. It does take some time to email all of our customers, so please keep that in mind. ? Brian H

Update Jan 20th, 02:35pm PST: I apologize, my previous update was incorrect. If your password has been updated by us, your old password will not work. You must login to the web panel, and change the password before you can login via FTP/shell user again. These updates are taking a little longer than normal, as announced previously. We apologize for the delay. ? Brian H

Update Jan 20th, 01:57pm PST: We?re still pushing through all password updates on our system. Passwords should still work on your account. If you?re having problems, please submit a support request and our staff will get in touch with you ASAP. ? Brian H

Update Jan 20th, 12:57pm PST: Password updates are still humming along. In our preliminary checks, it does not look like any customer accounts where accessed. ? Brian H

Update Jan 20th, 12:40pm PST: Password changes are still going through, so some of you may still see old passwords working. We?re doing everything we can to make sure all passwords are updates ASAP. ? Brian H

Update Jan 20th, 12:15pm PST: Panel access is looking much better now. Passwords are being updated, but due to the influx of requests, updates to passwords might take a little longer than normal. Our servers are working overtime to keep up with demand. ? Brian H.....

http://www.dreamhoststatus.com/2012/01/20/changing-ftpshell-passwords-due-to-security-issue/

Link to comment
https://www.neowin.net/forum/topic/1053101-dreamhost-web-hosting-hacked/
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

so people can actually read it ;)

Changing Shell/FTP Passwords due to Security Issue (RESOLVED)

Posted (January 20th, 2012 at 9:25 am PST) by Oscar

Last night we detected some unauthorized activity within one of our databases. While we don?t have evidence that customer passwords were taken at this time, we?re forcing a change out of caution. Please login to our web panel and change any passwords you may have with us. We?ll keep this post updated as we get more information.

Update Jan 20th, 09:50pm PST: We?re going to set this post to resolved. We have been sending out update emails to every account owner we have, letting them know what happened, and how to proceed from here on out. As a precaution, we advise every user to change all email passwords as well. We are not forcing this change, however, so make sure you take care of that ASAP. ? Brian H

Update Jan 20th, 08:15pm PST: Forced updates to FTP/shell users should now be done. Any users that are locked out should update their passwords via the web panel. If you?re still unable to get in, please let support know asap. ? Brian H

Update Jan 20th, 04:00pm PST: We?re still updating all users to force a password change. We should be done with this soon. Also, you can expect an email with more details to follow. It does take some time to email all of our customers, so please keep that in mind. ? Brian H

Update Jan 20th, 02:35pm PST: I apologize, my previous update was incorrect. If your password has been updated by us, your old password will not work. You must login to the web panel, and change the password before you can login via FTP/shell user again. These updates are taking a little longer than normal, as announced previously. We apologize for the delay. ? Brian H

Update Jan 20th, 01:57pm PST: We?re still pushing through all password updates on our system. Passwords should still work on your account. If you?re having problems, please submit a support request and our staff will get in touch with you ASAP. ? Brian H

Update Jan 20th, 12:57pm PST: Password updates are still humming along. In our preliminary checks, it does not look like any customer accounts where accessed. ? Brian H

Update Jan 20th, 12:40pm PST: Password changes are still going through, so some of you may still see old passwords working. We?re doing everything we can to make sure all passwords are updates ASAP. ? Brian H

Update Jan 20th, 12:15pm PST: Panel access is looking much better now. Passwords are being updated, but due to the influx of requests, updates to passwords might take a little longer than normal. Our servers are working overtime to keep up with demand. ? Brian H

Update Jan 20th, 11:55am PST: Web panel slowly returning to normal. We are still working on getting it 100% restored, so be aware you may see some downtime there, for the time being. ? Brian H

Update Jan 20th, 11:32am PST: We?re still working on getting the panel back up and running and apologize for the delay. ? Brian H

Update Jan 20th, 11:12am PST: Currently, our web panel is a bit overwhelmed and is showing intermittent access. We?re working on fixing this issue, so passwords can be updated. ? Brian H

Update Jan 20th, 10:59am PST: We apologize for any confusion as to what the current procedure needs to be. We recommend you change your password for any FTP/shell user you have with us, right now.

If you?ve already changed your password this morning, thank you for being so quick! We are still running through all FTP/shell users, just in case, so it?s possible we?ll change it out from under you again. We apologize for this duplication of effort, but we?re trying to get things secure as quickly as possible. ? Brian H

Update Jan 20th, 10:20am PST: The process for changing all passwords is still going. After we complete the password changes, all FTP/shell passwords MUST be changed by you in the panel.

To edit your password in the panel, please log into the web panel and go to Manage Users. Click edit next to the FTP/shell user on the right and you can change your password there. ? Oscar P

Update Jan 20th, 10:00am PST: We have started the process of changing all Shell/FTP passwords now. After we complete the password changes, all FTP/shell user passwords MUST be changed by you in the panel.

To edit your password in the panel, please log into the web panel and go to Manage Users. Click edit next to the FTP/shell user on the right and you can change your password there.

Update Jan 20th, 9:45am PST: We are doing this for all customers and we will be changing all Shell/FTP user passwords.

Grand Master

+BudMan MVC

Posted
  • MVC
Posted

Look at your font settings, I believe quite often your defaulted to like 16px -- so this is why my posting that does not call for font size is like double yours. Maybe you are set for lower default and zooming in on all text?

Something is wrong with your settings if your not seeing a difference in font size for sure -- look at the source of the page. Your post is in a span that sets font size to 8px, my post is font size is not set so would be default size of the users browser. Which is normally a lot bigger than 8px ;)

edit: I rarely use chrome, clearly I have never tweaked its font settings ;) here are mine - first page is set to medium and then when you click the customize you see the details

post-14624-0-50182900-1327240349_thumb.p

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.