Results 176 to 198 of 198
Thread: WHT hacked DB for sale
-
07-14-2016, 03:39 PM #176Web Hosting Master
- Join Date
- Mar 2009
- Location
- Miami, Florida
- Posts
- 20,777
I agree the method could have been better - at least this method not only requires the old password (which has been compromised) but also requires the user to prove they have access to the email account as it sends a temporary password that needs to be used to login and change the password.
-
07-14-2016, 03:41 PM #177Marketing Maestro
- Join Date
- Dec 2007
- Location
- Isle of Man
- Posts
- 3,068
I mean this in the nicest possible way.
You do spout some sh!t.
It's a situation, which I like thousands of others were affected by. They investigated (which takes time) and have now issued a comment and are forcing people to change passwords. There's no point in doing this too early, because the same incident could easily occur without being investigated first.
"This is progress, ever so slight."
Something makes me think that you'll never be happy. Even if Penton offered you $1000 for the inconvenience and a pat on the back.
I've contributed to this thread too but some of you in here have just taken this to an absolute extreme, for no real reason.
-
07-14-2016, 03:56 PM #178Web Hosting Guru
- Join Date
- Feb 2013
- Posts
- 283
I don't take any of it personally. Say what you need to
Do the math, it's not thousands or minor number hooked and crooked potentially:
(1.7 million accounts)
1700000 / 100 = 17000 at 1%
There were 60% of the accounts computationally reversed since they packed the salt with the passwords:
17000 x 60 = 1,020,000 accounts compromised potentially. That's MILLION, not thousands.
1 million and 20 thousand open air sitting ducks ripe for the taking.
Time is of the essence with something like this. That boat sunk 6 days ago.
Happy? Like I said, I'll take it, better than continuing to do nothing. I don't want their money, I call things the way they are, be it not PC or seemingly harsh. This is business and that's that. Standards and rules to adhere to, best practices. We would have given the prior owners as much or more crap about something like this. No reason the new owner should get Platinum Free Ride Card.
-
07-14-2016, 04:00 PM #179Web Hosting Guru
- Join Date
- Feb 2013
- Posts
- 283
PS: To all involved on Penton / WHT side:
http://www.webhostingtalk.com/showthread.php?t=1585297
Put that under Featured so people see it and don't flood the ticket desk as much, it's nowhere zone now. 33 views, buried in this big site.
-
07-14-2016, 04:22 PM #180
That thread is right where it belongs
Tom Whiting, WHMCS Guru extraordinaire
Linux problems? WHMCS Problems? Give me a shout
Check out my WHMCS Addons
-
07-14-2016, 06:00 PM #181Caffeine addict
- Join Date
- Mar 2010
- Location
- CMYK-Land
- Posts
- 1,400
- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.
Pretty soon we can expect hosting companies offering "double unlimited"
or "not limited unlimited with no limits".
-
07-15-2016, 10:18 AM #182WHT Addict
- Join Date
- Jul 2012
- Location
- Rye, NY
- Posts
- 148
█ DataWagon LLC - https://datawagon.net (AS27176)
█ Dedicated Servers - DDoS Protection - Virtualization - New York and Chicago
█ Looking for a custom solution? Contact us!
█ sales (at) datawagon.net | @DataWagon
-
07-15-2016, 02:14 PM #183WHT Addict
- Join Date
- Jan 2015
- Location
- Orlando, FL
- Posts
- 127
██ Ecobyte is an emerging web hosting company dedicated to making the world just a little bit greener. 🍃
██ Byte Grid Shared Hosting | Byte Compute VPS | Byte Box Enterprise Solutions
██ Follow Us on Twitter: @ecobyte_io | ecobyte.io
-
07-15-2016, 02:24 PM #184
It's been a long ride down WHT lane - I'm not surprised by anything anymore. I had already changed my password and email before the reset and now it's changed again.
█ ProlimeHost - Dedicated Server Hosting & KVM SSD VPS
█ Three Datacenter Locations: Los Angeles, Denver & Singapore
█ SuperMicro Hardware | Multiple Bandwidth Providers | 24/7 On-site Engineers
-
07-15-2016, 02:28 PM #185
Did anyone notice a decrease in traffic you receive from WHT after this happened?
█||||[ MechanicWeb.com - Shared Hosting | Reseller Hosting | KVM VPS | Dedicated Server ]
█||||[ NVMe SSD | cPanel | DirectAdmin | LiteSpeed | CloudLinux | MailChannels | Since 2008 ]
-
07-15-2016, 03:31 PM #186Web Hosting Evangelist
- Join Date
- Jul 2004
- Location
- Pittsburgh PA
- Posts
- 469
▉▊ HostKoi Web Services LLC - Optimized Web Hosting, Reseller, VPS and Dedicated Servers.
▉▊ Services World Wide: US, UK, Europe & Asia
▊▉ True 24x7 Support
-
07-15-2016, 03:37 PM #187Best Customer Service..ALWAYS!
- Join Date
- Feb 2007
- Location
- Isle Of Anglesey, UK
- Posts
- 1,468
-
07-15-2016, 04:41 PM #188█||||[ MechanicWeb.com - Shared Hosting | Reseller Hosting | KVM VPS | Dedicated Server ]
█||||[ NVMe SSD | cPanel | DirectAdmin | LiteSpeed | CloudLinux | MailChannels | Since 2008 ]
-
07-16-2016, 01:36 AM #189
I was definitely forced logged out but it was only about 8 days later. When I got the reset notification was the first I heard of what happened here. Penton needs to get with LiquidWeb and vBulletin to devise a better solution. It most certainly doesn't help that Penton has opted to run an outdated version of vBulletin (this version is clearly from the 4.x line and not the 5.x line).
The only reason I found out about this is the reset notification. This thread is buried in a part of the forum I rarely ever have the time to get to.
It's disheartening to see the HostingCon spam every other day which our Exchange Servers just now mark completely as spam given the frequency of these messages yet a notification of a potential security breach on WHT doesn't get so much as a peep.
Penton can start by updating vBulletin from this outdated version that it continues to run and then work with LiquidWeb on a more secure solution. As many professionals come here to congregate, I would think security would be something that should be taken a bit more seriously.
In either case, reset now so until the next hacking attempt since security on the internet is never 100%.██ Cloud Mosaic by NortheBridge
██ High Performance Global Cloud | Contact Us: hello@northebridge.com
██ Apps & Stacks: WordPress | Magento | Drupal | Ghost | Redmine | LAMP
██ Node.js | Gitlab | MEAN | Nginx | Django | cPanel | Plesk | Windows & Linux
-
07-18-2016, 04:13 AM #190Aspiring Evangelist
- Join Date
- Sep 2015
- Posts
- 434
Not sure if the emails have gone out yet but according to this thread they're investigating it still and will email 'affected users' soon.
-
07-18-2016, 04:39 AM #191Web Hosting Guru
- Join Date
- Mar 2014
- Location
- London
- Posts
- 261
Too little to late. The leaked username and passwords are easy to obtain regardless of investigation stage. A precautionary email to say 'you might want to change your password just in case' would have been sufficient.
Meanwhile users who are not as active as others may have other accounts compromised.█ Eria Hosting- eria.io
█ Premium Web Hosting.
█ cPanel | Softaculous | CloudLinux | Domains | SSL | SSD
█ PayPal | Stripe
-
07-18-2016, 06:13 AM #192Best Customer Service..ALWAYS!
- Join Date
- Feb 2007
- Location
- Isle Of Anglesey, UK
- Posts
- 1,468
I agree. All they had to do is send out an email telling people that they are investigating a possible breach, and recommending people to change their password, especially on other sites that they might have used the same password.
Seems they are more interested in damage control, than their members.
-
07-19-2016, 01:04 PM #193
Luckily, I use unique passwords for everything using a password manager.
Good luck to WHT with this.HostXNow - Shared Web Hosting | Semi Dedicated Hosting | Enterprise Reseller Hosting | VPS Hosting
-
08-01-2016, 05:11 PM #194Web Hosting Master
- Join Date
- Jul 2005
- Posts
- 3,784
What's the latest on this? I haven't seen any updates to the sticky post?
-
08-01-2016, 09:23 PM #195Junior Guru
- Join Date
- Jan 2006
- Location
- Cincinnati, Ohio
- Posts
- 187
it was swept under the rug.
Joshua Combs
-
08-11-2016, 09:12 AM #196New Member
- Join Date
- Aug 2008
- Location
- Finland
- Posts
- 2
-
08-11-2016, 10:49 AM #197Disabled
- Join Date
- Aug 2016
- Posts
- 3
Is there any word as to if the security vulnrability has been patched? I.e are new members at risk too?
-
08-12-2016, 03:17 AM #198Web Hosting Guru
- Join Date
- Oct 2008
- Location
- J
- Posts
- 299
check outages, mod really fast reply there, but nothing here
We happy to blame if someone get hacked, but when it come to us, we keep silent, because silent is GOLD.- do it your self.
Similar Threads
-
Very interested on the status of WHT hacked db restore, Any one else?
By Manageandsupport_com in forum WHT Announcements, Feedback and QuestionsReplies: 16Last Post: 04-06-2009, 07:23 PM -
US and Canada Telephone Area Code DB for sale!
By Douglas in forum Other Offers & RequestsReplies: 2Last Post: 06-09-2006, 02:27 PM -
site + large DB for sale with some traffic + others
By DNGeeks in forum Other Offers & RequestsReplies: 7Last Post: 10-15-2004, 10:29 AM -
30+ Domains for sale - Discounts for WHT users
By deepensky90 in forum Other Offers & RequestsReplies: 9Last Post: 05-26-2003, 08:17 PM