DreamHost becomes the latest breach statistic

Jan 23, 2012 | 3 mins
Data and Information Security

DreamHost has been busy helping customers get new passwords all weekend, after the Web-hosting provider discovered a potential hack into its systems.

Here’s the latest from the DreamHost website:

Last night we detected some unauthorized activity within one of our databases. While we don’t have evidence that customer passwords were taken at this time, we’re forcing a change out of caution. Please log in to our web panel and change any passwords you may have with us. We’ll keep this post updated as we get more information.

Update Jan 22nd, 1:05pm PST: Our support team has handled thousands of requests over the weekend to help customers through the process of selecting a new password. All mandatory FTP/shell access password resets by DreamHost were completed Friday evening for our shared customers and by Saturday for our VPS customers, so if you’ve changed your passwords since then, those should be active. Any issues, please continue to message support through the panel. Our average response time is a bit higher than normal because of the number of requests, but we have a large number of our tech support team working diligently to respond to your issues. Due to the fast action we took to reset passwords, we’re not seeing any unusual malicious activity on customer accounts. Our security software and systems are functioning normally.

If your password still isn’t working, please try another reset, and try accessing again in about half an hour. Currently, that’s how long it takes for the new password to start working on your web server, and this time is decreasing as fewer customers are requesting resets. Please note, we have a newer status post up about the password reset delays, so you will see more current updates there.

If you still can’t access your FTP/Shell after that, please contact support with the details, so we can assist you.

In the Sophos Naked Security blog, Graham Cluley writes:

Sadly, no information has been forthcoming as to how a hacker might have been able to gain access to one of DreamHost’s internal servers. Hopefully the firm is investigating and fixing any potential security vulnerabilities which might expose customer information in future.

Of course, if you use the same password elsewhere on the net (a very bad habit from the security point of view) you should make sure that you change it now. After all, if hackers do have your DreamHost FTP password you don’t want them to be able to log into your email, eBay, Amazon, etc accounts too.

Remember, your passwords should not just be hard for people to guess and difficult to crack, they should also be unique. That way, if a password is lost by one company (as it may have done in the DreamHost case) at least there’s no knock-on effect to your other online accounts.