14:57
21/1/2012

* Wyciek haseł z Dreamhost?

Dreamhost informuje o nieautoryzowanym dostępie do bazy danych swoich klientów. Nie potwierdzono co prawda, że intruzi przechwycili hasła, ale na wszelki wypadek rozpoczęto procedurę resetu haseł.

———- Forwarded message ———-
From:
Date: 2012/1/21
Subject: Information on your DreamHost account – please change your passwords

IMPORTANT INFORMATION: We are writing to let you know that there may
have been illegal and unauthorized access to some of your passwords at
DreamHost today. Our security systems detected the potential breach
this morning and we immediately took the defensive precaution of
expiring and resetting all FTP/shell access passwords for all
DreamHost customers and their users. There are three different types
of passwords at DreamHost: a web panel password (for logging into the
panel), email passwords, and FTP/shell access passwords. Only the
FTP/shell access passwords appear to have been compromised by the
illegal access. Web panel passwords, email passwords and billing
information for DreamHost customers were not affected or accessed.
Refer to the following DreamHost status post for details:
http://www.dreamhoststatus.com/2012/01/20/changing-ftpshell-passwords-due-to-security-issue/.

IMPORTANT ACTION REQUIRED:

To create a new FTP/shell access password for your DreamHost account,
please login to your DreamHost web panel
(https://panel.dreamhost.com/), select “Manage Users” in the top left,
then select “Edit” next to each user and type in a new password. Make
sure you click “Save Changes” at the bottom of the page.
We are also requesting that you change your email password. We are not
enforcing this change at this time as we do not believe that email p
asswords were compromised. However we strongly recommend that you
change your email password as a precaution. To change the passwords
for your email users or yourself, log into the DreamHost panel at
(https://panel.dreamhost.com/), select “Manage Email” in the top left,
select “Edit” next to each email user address, and choose a new
password for each. Make sure you click “Save Changes” at the bottom of
the page.

We sincerely apologize for any inconvenience this may cause. If you
have any additional questions about this process, please contact us
through the support page in the panel.

Note that DreamHost will never ask you for personal or account
information in an email. Please exercise caution if you receive any
other emails that ask for personal information or direct you to a web
site where you are asked to provide personal information.

Sincerely,

The DreamHost Team

Przeczytaj także:

Ten wpis pochodzi z naszego linkbloga *ptr, dlatego nie widać go na głównej.
*ptr możesz czytać przez RSS albo przez sidebar po prawej stronie serwisu.

3 komentarzy

Dodaj komentarz
  1. więcej info o wycieku: http://blog.dreamhost.com/2012/01/21/security-update/

  2. Mam tam konto od kilku lat, nawet jezeli cos im nie wyszlo to i tak jestem zadowolony z informowania o wszystkich bledach i problemach, ktorych i tak nie jest duzo. W nazwa.pl gdy kilka dni temuy byl problem z poczta, place wiecej za hosting i domeny, a informacji o problemach nie bylo lub dopiero po dlugim czasie.

  3. W pierwszej połowie 2011 widziałem gdzieś coś związane z tym provider-em.

Twój komentarz

Zamieszczając komentarz akceptujesz regulamin dodawania komentarzy. Przez moderację nie przejdą: wycieczki osobiste, komentarze nie na temat, wulgaryzmy.

RSS dla komentarzy: