Results 76 to 100 of 198
Thread: WHT hacked DB for sale
-
07-11-2016, 08:18 AM #76Aspiring Evangelist
- Join Date
- Feb 2002
- Location
- Indiana
- Posts
- 422
-
07-11-2016, 08:22 AM #77~~~~
- Join Date
- May 2008
- Posts
- 3,424
Uptime Monitor - Minimize your downtime by being the first to know about it!
Blacklist Monitor - Are any of your IPs or Domains blacklisted? Find out before it gets to affect you or your clients.
-
07-11-2016, 08:38 AM #78Best Customer Service..ALWAYS!
- Join Date
- Feb 2007
- Location
- Isle Of Anglesey, UK
- Posts
- 1,468
Username is publically available anyway.
email address could mean more spam (I get tons anyway, and my spam filter deals with 99+% of it anyway). Could be a problem if you used the same password for your email account.
My Password for WHT was unique to this site, so only had to change WHT password.
It is, of course worrying for those that have used the same password elsewhere.
I would have thought that WHT would have advised everyone to change their password by now (it should have been done as soon as they found out about the breach).
-
07-11-2016, 08:39 AM #79Web Hosting Master
- Join Date
- Mar 2012
- Posts
- 1,421
Nice comment. hehe.
The only thing that bothers me a "little" is that these people (Penton) make a ton of money from this community. Seeing all the flaws pointed in this thread, outdated wp's, forum software, etc... is disappointing. Maybe they should sell the community to a more responsible player in the industry. :]
-
07-11-2016, 08:42 AM #80Best Customer Service..ALWAYS!
- Join Date
- Feb 2007
- Location
- Isle Of Anglesey, UK
- Posts
- 1,468
One more thought.
Something we do need to watch out for is someone using the email addresses to send phishing emails out trying to get you to change your password.
Whenever I get an email like that I always open the website directly (never from a link in the email)
-
07-11-2016, 09:34 AM #81Web Hosting Evangelist
- Join Date
- Apr 2002
- Location
- Las Vegas, Nevada
- Posts
- 510
-
07-11-2016, 09:47 AM #82Caffeine addict
- Join Date
- Mar 2010
- Location
- CMYK-Land
- Posts
- 1,400
No one from WHT still made a comment or official statement what just shows what is the real state of this forum. Knowing how many times mods, admins and host jumped in topics dealing with same or similar problem accusing how affected host didnt properly notify his customers they should now be all over this topic and flooding the support with accusations and complains.
If nothing else this is just a confirmation that WHT become nothing else but simple forum to complain for bad hosting service and for the host to parade their badges.- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.
Pretty soon we can expect hosting companies offering "double unlimited"
or "not limited unlimited with no limits".
-
07-11-2016, 09:55 AM #83~~~~
- Join Date
- May 2008
- Posts
- 3,424
As far as I know, the MODs and Admins are not devs here, they can't really investigate this breach as a dev could, so them taking a stand on this matter or making an announcement without having the proper info, would be wrong. As I see it, the blame here should fall on Penton, not the WHT staff.
Uptime Monitor - Minimize your downtime by being the first to know about it!
Blacklist Monitor - Are any of your IPs or Domains blacklisted? Find out before it gets to affect you or your clients.
-
07-11-2016, 10:14 AM #84Web Hosting Master
- Join Date
- Mar 2009
- Location
- Miami, Florida
- Posts
- 20,777
-
07-11-2016, 10:22 AM #85Web Hosting Evangelist
- Join Date
- Apr 2002
- Location
- Las Vegas, Nevada
- Posts
- 510
We are all changing our passwords on WHT / but also be sure to change your password on the Support Ticket Site as well / I do not think they have Single Sign On for that ...
I would assume that today is the day where PENTON is investigating and planning on how to address this / or at least one would hope - for no one to say anything will be just wrong.
Dave
-
07-11-2016, 12:47 PM #86Web Hosting Master
- Join Date
- Oct 2000
- Location
- Lake Geneva, WI.
- Posts
- 1,370
█ Jeremy Kinsey (jer@mia.net) - 262-248-6759
█ Dedicated Servers - Web Hosting - Colocation HostDrive.Com
█ Since 1997
-
07-11-2016, 12:49 PM #87Web Hosting Industry Expert
- Join Date
- Dec 2007
- Location
- Indiana, USA
- Posts
- 19,178
█ Michael Denney - MDDHosting.com - Proudly hosting more than 37,800 websites since 2007.
█ Ultra-Fast Cloud Shared and Pay-By-Use Reseller Hosting Powered by LiteSpeed!
█ cPanel • Free SSL • 100% Uptime SLA • 24/7 Support
█ Class-leading support that responds in minutes, not days.
-
07-11-2016, 01:09 PM #88Web Hosting Master
- Join Date
- Oct 2000
- Location
- Lake Geneva, WI.
- Posts
- 1,370
█ Jeremy Kinsey (jer@mia.net) - 262-248-6759
█ Dedicated Servers - Web Hosting - Colocation HostDrive.Com
█ Since 1997
-
07-11-2016, 01:47 PM #89Web Hosting Guru
- Join Date
- Feb 2013
- Posts
- 283
I'll be the first to confirm this hack, since the cowardly owners are trying to cover it up.
This has been going on officially since Friday. They knew about it then and did nothing.
In any other business, you have all hands on deck and legal on the weekend due to such. Ruined weekend is what the office workers should have had.
Official word should have been issued over the weekend. Nothing said or done. Now their time mid day on Monday, nothing.
Penton was hacked. 100% hacked and details are there including actual passwords.
What proof do I have? This very account I am posting from was compromised. Someone managed to get into it and change email address and password over the weekend.
-
07-11-2016, 01:48 PM #90~~~~
- Join Date
- May 2008
- Posts
- 3,424
Uptime Monitor - Minimize your downtime by being the first to know about it!
Blacklist Monitor - Are any of your IPs or Domains blacklisted? Find out before it gets to affect you or your clients.
-
07-11-2016, 01:52 PM #91Web Hosting Master
- Join Date
- Mar 2009
- Location
- Miami, Florida
- Posts
- 20,777
-
07-11-2016, 01:52 PM #92Web Hosting Master
- Join Date
- Oct 2000
- Location
- Lake Geneva, WI.
- Posts
- 1,370
█ Jeremy Kinsey (jer@mia.net) - 262-248-6759
█ Dedicated Servers - Web Hosting - Colocation HostDrive.Com
█ Since 1997
-
07-11-2016, 01:57 PM #93~~~~
- Join Date
- May 2008
- Posts
- 3,424
Out of curiosity and to help settle this thread's MD5 disputes, did you have a simple or complex password?
Should be safe(r) if you change it to a strong password... besides, I hardly think the attackers are constantly downloading fresh copies of the database and run password decryption on them.Uptime Monitor - Minimize your downtime by being the first to know about it!
Blacklist Monitor - Are any of your IPs or Domains blacklisted? Find out before it gets to affect you or your clients.
-
07-11-2016, 01:59 PM #94Web Hosting Master
- Join Date
- Oct 2000
- Location
- Lake Geneva, WI.
- Posts
- 1,370
█ Jeremy Kinsey (jer@mia.net) - 262-248-6759
█ Dedicated Servers - Web Hosting - Colocation HostDrive.Com
█ Since 1997
-
07-11-2016, 02:03 PM #95Web Hosting Guru
- Join Date
- Feb 2013
- Posts
- 283
I think folks on this thread are smart and are taking it more serious than audience as a whole. This thread remains buried and unfound in search. I'd think a hack like this should be top of the nav every page on webhostingtalk.com and they should have force reset all passwords on Friday.
Still too much is being said like were the passwords encrypted and such. I am here to say, not adequate either way. The site has been officially compromised and Penton needs to step forward with plan and clean up the mess.
Because of their denial my account and likely others were hijacked. Clearly, mass password reset they don't want to do, that would drive participation down for weeks to months.
-
07-11-2016, 02:06 PM #96Web Hosting Guru
- Join Date
- Feb 2013
- Posts
- 283
The database was allegedly ran on Friday and 60% of all passwords via MD5 with the accompanying SALT in the database data were decryptable... 60%.
Password that was used here would fall to a dictionary style attack.
No doubt that password complexity of maximum length + numbers + characters + case mix is all anyone should be doing. If you can remember your password, it's not adequate.
-
07-11-2016, 02:07 PM #97Web Hosting Master
- Join Date
- Mar 2009
- Location
- Miami, Florida
- Posts
- 20,777
-
07-11-2016, 02:10 PM #98~~~~
- Join Date
- May 2008
- Posts
- 3,424
If only you'd spend less energy coming up with such "original" name calling, and spend more energy on the common sense part of your brain, you'd realize that even if the hole is not patched up yet, there's still a much lower chance of your account getting compromised if you change your password now.
Uptime Monitor - Minimize your downtime by being the first to know about it!
Blacklist Monitor - Are any of your IPs or Domains blacklisted? Find out before it gets to affect you or your clients.
-
07-11-2016, 02:17 PM #99Web Hosting Guru
- Join Date
- Feb 2013
- Posts
- 283
Nicer way of saying that Entirely true on password complexity necessity and need to change password NOW. Everyone, if you haven't changed password since Friday, regardless of complexity change it.
May I recommend keepass for the Linux crowd, in your distros and waiting. Generate good passwords and store them so you can look up account info and not prone to simple passwords.
Hacks happen. Yes, users should have unique cryptic passwords. Part of this falls on enforcement and best practices by site operators. Such should be mandatory at account creation and any time you reset your password.
None of this closes the door to the hacks though. Nor is the larger picture clear to all of us. This will have long term ripple effect unless users change their behavior, unhinge from comfort and go the multiple account/personality route while observing password complexity... and oh yeah BRING THE TWO FACTOR AUTHENTICATION LAYER.
-
07-11-2016, 02:44 PM #100Web Hosting Master
- Join Date
- Jul 2002
- Location
- London, United Kingdom
- Posts
- 4,455
Yes, but the email-address used might not be "public" as such (but now is)
I can confirm at least 1 unique-to-wht-forum email (and not anything obvious) that I know of is in confirmed to be in the leaked data, just as a unique-to-linkedin email address is confirmed to be in the leak of their db too
An official announcement from WHT/inet/Penton and a note to change pwds at the top of every forum page would be good !Rob Golding Astutium Ltd - UK based ICANN Accredited Domain Registrar - proud to accept BitCoins
Buying Web Hosts and Domain Registrars Today @ hostacquisitions.co.uk
UK Web Hosting | UK VPS | UK Dedicated Servers | ADSL/FTTC | Backup/DR | Cloud
UK Colocation | Reseller Accounts | IPv6 Transit | Secondary MX | DNS | WHMCS Modules
Similar Threads
-
Very interested on the status of WHT hacked db restore, Any one else?
By Manageandsupport_com in forum WHT Announcements, Feedback and QuestionsReplies: 16Last Post: 04-06-2009, 07:23 PM -
US and Canada Telephone Area Code DB for sale!
By Douglas in forum Other Offers & RequestsReplies: 2Last Post: 06-09-2006, 02:27 PM -
site + large DB for sale with some traffic + others
By DNGeeks in forum Other Offers & RequestsReplies: 7Last Post: 10-15-2004, 10:29 AM -
30+ Domains for sale - Discounts for WHT users
By deepensky90 in forum Other Offers & RequestsReplies: 9Last Post: 05-26-2003, 08:17 PM