Feeds

DreamHost nightmare attack sparks passwords reset

Hackers inappropriately touched customer database

5 things you didn’t know about cloud backup

US-based hosting firm DreamHost is advising customers to change their passwords following a database breach.

The firm warned on late on Friday that hackers had compromised customer FTP/shell access passwords. DreamHost began the process of resetting customer passwords over the weekend, a process that hit a few hiccups along the way (if entries on its status update page are any guide). Web panel passwords, email passwords and billing data were not affected by the breach, the company said. These passwords have also been reset as a precaution.

Compromised passwords could potentially be used to change the content of hosted sites or to (more likely) insert malicious code. The motives of the hackers – much less their identity – remains unclear.

In a blog post, DreamHost chief exec Simon Anderson said the company had been hit by a "previously unknown" attack. He attempted to allay fears by saying nothing bad had happened to customers as a result of the breach, possibly because DreamHost reacted quickly once a breach was detected.

"The bad news is that we detected access to one of our databases and took rapid action to protect customer accounts and passwords," it said. "The good news is that it does not appear that any significant malicious activity has occurred on any customer accounts as a result of the illegal access.

"Early yesterday, one of DreamHost’s database servers was illegally accessed using an exploit that was not previously known or prevented by our layered security systems in place. Our intrusion detection systems alerted our Security team to the potential hack, and we rapidly identified the means of illegal access and blocked it," he added. ®

Next gen security for virtualised datacentres

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.