hosted by liquidweb


Go Back   Web Hosting Talk : Other Forums : WHT Announcements, Feedback and Questions : Recent WHT down time
Closed Thread

Forum Jump

Recent WHT down time

Closed Thread Post New Thread In WHT Announcements, Feedback and Questions Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old
iNET Senior Community Advisor
 
Join Date: Jun 2001
Location: Kalamazoo
Posts: 32,596

Recent WHT down time


I reported yesterday that our recent downtime was due to issues with our backup servers followed by the corruption of some db tables from a hack attempt.

We've since learned that this very deliberate, sophisticated and calculated hack against Web Hosting Talk was carried out by gaining access to our offsite backup servers. From our backup servers, the hacker gained access to the WHT db server. The malicious attacker deleted all backups from the backup servers within the infrastructure before deleting tables from our db server. We were alerted of the db exploitation and quickly shut down the site to prevent further damage.

This individual is still in possession of our user table that includes all user names, email addresses and hashed passwords. Absolutely no credit card or PayPal data was compromised.

Passwords are hashed with salt. It would be an unprecedented event to reverse engineer our passwords. I change my password periodically though, so maybe today is a good day for that. Go here to change your password.

My concern is the distribution of your email addresses and the potential spam you may receive. We know the hacker has posted the user table containing email addresses to various places (file sharing sites) and we're working diligently to remove the tables as we find them. If you see the user table posted anywhere, please let us know so we can get it taken off line.

We are working on recovering the deleted data. In the meantime, we've restored to an old db. We cannot yet determine if we can restore to a more recent db backup.

If you have any clues as to the individual who caused this malicious attack on the Web Hosting Talk community, please let me know.

__________________
There is no best host. There is only the host that's best for you.



Sponsored Links
  #2  
Old
Web Hosting Master
 
Join Date: Jul 2008
Posts: 972
At least it's back, I guess. I've only lost 800 posts and countless topics of interest to me...

  #3  
Old
Web Hosting Master
 
Join Date: Feb 2006
Location: Buffalo NY
Posts: 1,239
Good luck !

__________________
Cody R. - Chief Technical Officer
Quality Shared and VPS Hosting
Hawk Host Inc. Proudly serving websites since 2004
PHP 5.3.x & PHP 5.4.x & PHP 5.5.X Support!

Sponsored Links
  #4  
Old
Web Host Extraordinaire!!!
 
Join Date: Dec 2007
Location: Indianapolis, Indiana USA
Posts: 15,066
I saw the uploads that you are referring to, I wanted to see how much of my information was there and it's 5400+ pages of account information but only usernames/e-mails/hashed passwords + salt.

Luckily I use a secondary address for forum notifications so I can set it to :blackhole: and just create a new forwarder.

My personal advise is that *EVERYBODY* change their passwords.

__________________
Michael Denney - MDDHosting, LLC - Professional Hosting Solutions
LiteSpeed Powered - Shared, Reseller, Semi-Dedicated, and VPS
For high-end shared accounts ideal for business, check out our Semi-Dedicated offerings!
http://www.mddhosting.com/ - Providing Quality Services since 2007

  #5  
Old
Premium Member
 
Join Date: Apr 2007
Location: United Kingdom
Posts: 1,659
Quote:
Originally Posted by MikeDVB View Post

My personal advise is that *EVERYBODY* change their passwords.
My personal advice is that WHT should secure their stuff properly and not just backup to one location.

It's ridiculous!

__________________
EZPZ Hosting - Dependable and Affordable UK and US Web Hosting
LiteSpeed Powered cPanel Shared with R1Soft and Softaculous | Budget VPS, Managed VPS and Dedicated | Shoutcast
Reseller Hosting Specialists | WHMCS-Based End User Support | Unlimited SSLs | CloudFlare
99.9% Uptime Guarantee | 24/7 Support | 30 Day Money Back Guarantee |

  #6  
Old
Web Host Extraordinaire!!!
 
Join Date: Dec 2007
Location: Indianapolis, Indiana USA
Posts: 15,066
Quote:
Originally Posted by Dan_EZPZ View Post
My personal advice is that WHT should secure their stuff properly and not just backup to one location.

It's ridiculous!
What has been done, is done - and hopefully it will be a learning experience.

__________________
Michael Denney - MDDHosting, LLC - Professional Hosting Solutions
LiteSpeed Powered - Shared, Reseller, Semi-Dedicated, and VPS
For high-end shared accounts ideal for business, check out our Semi-Dedicated offerings!
http://www.mddhosting.com/ - Providing Quality Services since 2007

  #7  
Old
Evenly Divided
 
Join Date: Aug 2001
Posts: 4,028
Ouchie. Best of luck.

  #8  
Old
Web Hosting Master
 
Join Date: Jul 2008
Posts: 972
Quote:
Originally Posted by MikeDVB View Post
What has been done, is done - and hopefully it will be a learning experience.
oh come on, you're not serious, right? You're comfortable knowing that there's hundreds/thousands of people sitting in front of their computers with a copy of your password, and every other members? I know I'm not.

  #9  
Old
Web Hosting Master
 
Join Date: May 2003
Location: California, USA, Earth
Posts: 998
Wow, this is disappointing. I hope the lost data can be recovered some how and that you have some luck limiting the distribution of all our email addresses. Major blow to WHT.

Good luck.

__________________
Blesta - Professional Billing Software
Innovation that benefits the user experience
Trial - Demo | 866.478.7567 | Twitter @blesta

  #10  
Old
Retired Moderator
 
Join Date: Jan 2005
Location: In your server
Posts: 2,677
Quote:
Originally Posted by Dan_EZPZ View Post
My personal advice is that WHT should secure their stuff properly and not just backup to one location.

It's ridiculous!
and how many different backup locations do you use?

__________________
If you need help about anything to do with WHT, check out the Helpdesk

  #11  
Old
Web Hosting Guru
 
Join Date: Oct 2008
Posts: 305
Saying "this is unforgivable" may sound too hard. But it really is. WebHostingTalk, a place where we often read "make backup of backup" got hacked and lost their only backup. Great.

  #12  
Old
WHT Addict
 
Join Date: Aug 2008
Posts: 174
Quote:
Originally Posted by Dan_EZPZ View Post
My personal advice is that WHT should secure their stuff properly and not just backup to one location.

It's ridiculous!
I hate be like this but I agree.

WHT has has issues like this before if I member correctly.

So now I could be spammed great.

Password changed.

I'm curious as to how they got into the backup server? software, password, or other exploit?

Quote:
Originally Posted by MikeDVB View Post
What has been done, is done - and hopefully it will be a learning experience.
Mike is right but I'm still furious that this happened.

I understand people can get hacked, problems happen. But i would figure there would be at least two back up servers for the forum. Seeing as the forum has been DDoSS or attacked before if I remember correctly.

I know this is no ones fault. But steps need to be taken so this doesn't happen again.

I hate to sound like a whinner but this could happen again.

This is serious breach of security.


Last edited by ShaunH; 03-23-2009 at 01:15 PM.
  #13  
Old
Premium Member
 
Join Date: May 2007
Location: Cardiff, United Kingdom
Posts: 506
I've received about 5 spam e-mails today, I hope it isn't due to this.

__________________
Sam Asante ~ Web & User Interface Designer ~ SamAsante.com
World-Class cPanel Themes
Responsive WHMCS Themes



  #14  
Old
An Awesome Dude
 
Join Date: Oct 2002
Posts: 13,044
THE BEST THING YOU CAN DO DENNIS IS CHECK THE IP LOGS AND FIND OUT WHO DID THIS AND GO FROM THERE!!

Go back thru EVERY IP UNTIL YOU GET TO THE SCUMBAG WHO DID THIS!! (Its not impossible my friend)

Good luck!





__________________

Tinyurl is the answer for posting long urls!!!

  #15  
Old
Premium Member
 
Join Date: May 2008
Location: Texas
Posts: 188
Quote:
Originally Posted by citricsquid View Post
oh come on, you're not serious, right? You're comfortable knowing that there's hundreds/thousands of people sitting in front of their computers with a copy of your password, and every other members? I know I'm not.
Welcome to the Internet.

There's really no reason to make a huge issue out of this. Simply change your password(s) and move on.

Closed Thread

Related posts from TheWhir.com
Title Type Date Posted
European Commission Seeks Experts to Build Transparency into Cloud Contracts Web Hosting News 2013-08-02 10:48:15
Average Firm Takes 10 Hours to Detect Security Breach: McAfee Report Web Hosting News 2013-06-21 15:36:06
CIO New York Summit 2013 Web Hosting Events 2013-03-27 19:48:29
CIO Summit 2013 Web Hosting Events 2013-03-05 18:08:59
Technology Performance Monitoring Firm Compuware Launches Free Outage Analyzer Service Web Hosting News 2012-10-12 15:38:07


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:
WHT Membership
WHT Membership



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?