  1. #1
    Join Date
    Jun 2001
    Location
    Kalamazoo
    Posts
    32,872

    Recent WHT down time

    I reported yesterday that our recent downtime was due to issues with our backup servers followed by the corruption of some db tables from a hack attempt.

    We've since learned that this very deliberate, sophisticated and calculated hack against Web Hosting Talk was carried out by gaining access to our offsite backup servers. From our backup servers, the hacker gained access to the WHT db server. The malicious attacker deleted all backups from the backup servers within the infrastructure before deleting tables from our db server. We were alerted to the db exploitation and quickly shut down the site to prevent further damage.

    This individual is still in possession of our user table that includes all user names, email addresses and hashed passwords. Absolutely no credit card or PayPal data was compromised.

    Passwords are hashed with salt. It would be an unprecedented event to reverse engineer our passwords. I change my password periodically though, so maybe today is a good day for that. Go here to change your password.

    My concern is the distribution of your email addresses and the potential spam you may receive. We know the hacker has posted the user table containing email addresses to various places (file sharing sites) and we're working diligently to remove the tables as we find them. If you see the user table posted anywhere, please let us know so we can get it taken offline.

    We are working on recovering the deleted data. In the meantime, we've restored to an old db. We cannot yet determine if we can restore to a more recent db backup.

    If you have any clues as to the individual who caused this malicious attack on the Web Hosting Talk community, please let me know.
    There is no best host. There is only the host that's best for you.

  2. #2
    Join Date
    Jul 2008
    Posts
    972
    At least it's back, I guess. I've only lost 800 posts and countless topics of interest to me...

  3. #3
    Join Date
    Feb 2006
    Location
    Buffalo NY
    Posts
    1,259
    Good luck!
    Cody R. - Chief Technical Officer
    Quality Shared and VPS Hosting
    Hawk Host Inc. Proudly serving websites since 2004
    PHP 5.3.x & PHP 5.4.x & PHP 5.5.X Support!

  4. #4
    Join Date
    Dec 2007
    Location
    Indianapolis, Indiana USA
    Posts
    15,319
    I saw the uploads that you are referring to, I wanted to see how much of my information was there and it's 5400+ pages of account information but only usernames/e-mails/hashed passwords + salt.

    Luckily I use a secondary address for forum notifications so I can set it to :blackhole: and just create a new forwarder.

    My personal advice is that *EVERYBODY* change their passwords.
    Michael Denney - MDDHosting, LLC - Professional Hosting Solutions
    LiteSpeed Powered - Shared, Premium, Reseller, and VPS
    For high-end shared accounts ideal for business, check out our Premium offerings!
    http://www.mddhosting.com/ - Providing Quality Services since 2007

  5. #5
    Join Date
    Apr 2007
    Location
    United Kingdom
    Posts
    1,668
    Quote Originally Posted by MikeDVB View Post

    My personal advice is that *EVERYBODY* change their passwords.
    My personal advice is that WHT should secure their stuff properly and not just backup to one location.

    It's ridiculous!
    EZPZ Hosting - Dependable and Affordable UK and US Web Hosting
    LiteSpeed Powered cPanel Shared with R1Soft and Softaculous | Budget VPS, Managed VPS and Dedicated | Shoutcast
    Reseller Hosting Specialists | WHMCS-Based End User Support | Unlimited SSLs | CloudFlare
    99.9% Uptime Guarantee | 24/7 Support | 30 Day Money Back Guarantee |

  6. #6
    Join Date
    Dec 2007
    Location
    Indianapolis, Indiana USA
    Posts
    15,319
    Quote Originally Posted by Dan_EZPZ View Post
    My personal advice is that WHT should secure their stuff properly and not just backup to one location.

    It's ridiculous!
    What has been done, is done - and hopefully it will be a learning experience.
    Michael Denney - MDDHosting, LLC - Professional Hosting Solutions
    LiteSpeed Powered - Shared, Premium, Reseller, and VPS
    For high-end shared accounts ideal for business, check out our Premium offerings!
    http://www.mddhosting.com/ - Providing Quality Services since 2007

  7. #7
    Join Date
    Aug 2001
    Posts
    4,028
    Ouchie. Best of luck.

  8. #8
    Join Date
    Jul 2008
    Posts
    972
    Quote Originally Posted by MikeDVB View Post
    What has been done, is done - and hopefully it will be a learning experience.
    Oh come on, you're not serious, right? You're comfortable knowing that there's hundreds/thousands of people sitting in front of their computers with a copy of your password, and every other member's? I know I'm not.

  9. #9
    Join Date
    May 2003
    Location
    California, USA, Earth
    Posts
    1,025
    Wow, this is disappointing. I hope the lost data can be recovered somehow and that you have some luck limiting the distribution of all our email addresses. Major blow to WHT.

    Good luck.
    Blesta - Professional Billing Software
    Innovation that benefits the user experience
    Trial - Demo | 866.478.7567 | Twitter @blesta

  10. #10
    Join Date
    Jan 2005
    Location
    In your server
    Posts
    2,677
    Quote Originally Posted by Dan_EZPZ View Post
    My personal advice is that WHT should secure their stuff properly and not just backup to one location.

    It's ridiculous!
    And how many different backup locations do you use?
    If you need help about anything to do with WHT, check out the Helpdesk

  11. #11
    Join Date
    Oct 2008
    Posts
    313
    Saying "this is unforgivable" may sound too hard. But it really is. WebHostingTalk, a place where we often read "make backup of backup" got hacked and lost their only backup. Great.

  12. #12
    Join Date
    Aug 2008
    Posts
    174
    Quote Originally Posted by Dan_EZPZ View Post
    My personal advice is that WHT should secure their stuff properly and not just backup to one location.

    It's ridiculous!
    I hate to be like this but I agree.

    WHT has had issues like this before if I remember correctly.

    So now I could be spammed, great.

    Password changed.

    I'm curious as to how they got into the backup server? Software, password, or other exploit?

    Quote Originally Posted by MikeDVB View Post
    What has been done, is done - and hopefully it will be a learning experience.
    Mike is right but I'm still furious that this happened.

    I understand people can get hacked, problems happen. But I would figure there would be at least two backup servers for the forum, seeing as the forum has been DDoSed or attacked before if I remember correctly.

    I know this is no one's fault. But steps need to be taken so this doesn't happen again.

    I hate to sound like a whiner but this could happen again.

    This is a serious breach of security.
    Last edited by ShaunH; 03-23-2009 at 01:15 PM.

  13. #13
    Join Date
    May 2007
    Location
    Cardiff, United Kingdom
    Posts
    507
    I've received about 5 spam e-mails today, I hope it isn't due to this.
    Sam Asante ~ Web & User Interface Designer ~ SamAsante.com
    World-Class cPanel Themes
    Responsive WHMCS Themes


  14. #14
    Join Date
    Oct 2002
    Posts
    13,278
    THE BEST THING YOU CAN DO DENNIS IS CHECK THE IP LOGS AND FIND OUT WHO DID THIS AND GO FROM THERE!!

    Go back through EVERY IP UNTIL YOU GET TO THE SCUMBAG WHO DID THIS!! (It's not impossible my friend)

    Good luck!
    Tinyurl is the answer for posting long urls!!!

  15. #15
    Join Date
    May 2008
    Location
    Texas
    Posts
    188
    Quote Originally Posted by citricsquid View Post
    Oh come on, you're not serious, right? You're comfortable knowing that there's hundreds/thousands of people sitting in front of their computers with a copy of your password, and every other member's? I know I'm not.
    Welcome to the Internet.

    There's really no reason to make a huge issue out of this. Simply change your password(s) and move on.
