DreamHost hacked, mass password-reset issued

Summary: According to a blog post at DreamHost Status Blog, the company has detected a security breach at one of their database servers.

TOPICS: Security, Software

According to a blog post at DreamHost Status Blog, the company has detected a security breach in one of their database servers.

In response to the attack, the company has decided to issue a mass password-reset for all of its customers.

More details:

Apparently, the breach occurred in November via the one-click install wizard offered by DreamHost: one click and your whole WordPress / Drupal web site is installed, ready to use, and automatically updated by the wizard. Apparently, it was the wizard itself that was compromised, and anybody who used it was affected.

DreamHost CEO issued the following statement:

“our systems have stored and used encrypted passwords for a number of years, however the hacker found a legacy pool of unencrypted FTP/shell passwords in a database table that we had not previously deleted. We’ve now confirmed that there are no more legacy unencrypted passwords in our systems. And we’re investigating further measures to ensure security of passwords including when a customer requests their password by email (this was not the issue here, though).”

In addition to shell and FTP passwords, the company is advising its customers to change their email passwords as well.

There are no reports so far of mass abuse of the stolen account data.

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Talkback

1 comment
  • Wow...

    Wow... Jan 2012 and no comments?

    I guess that goes to show how many people are actually aware that it happened to their websites.

    I guess they hired in a freelancer who made more money the dishonest way, eh?

    Oh how tempting it is, when you are on a server with a lot of traffic.
    james@...