Web host Linode resets all user passwords after suspected breach

By

Hack follows Christmas DDoS attack.

Web hosting provider Linode has reset the account passwords of all its customers following what it suspects was an intrusion on its internal database.

Web host Linode resets all user passwords after suspected breach

The mass credential reset comes just after the cloud firm suffered a sustained DDoS attack beginning on Christmas Day.

Linode has issued a security advisory confirming that it still has no idea who is behind the hacks, or whether the same perpetrator is responsible for both incidents.

“You may be wondering if the same person or group is behind these malicious acts. We are wondering the same thing.

“At this point we have no information about who is behind either issue. We have not been contacted by anyone taking accountability or making demands,” the company posted on its website earlier today.

Linode was alerted to the latest breach when it found two sets of user credentials on an external machine, as a result of an investigation into a set of unauthorised logins.

“This implies user credentials could have been read from our database, either offline or on, at some point,” it said.

“We have found no other evidence of access to Linode infrastructure, including host machines and virtual machine data.”

The reset took effect earlier this morning Australian time, and means customers will need to set a new password during their next login.

The company has contracted a security firm to investigate the breach and said US law enforcement is also looking into both the DDoS case and the suspected hack.

The latest attack comes two years after an unpatched Adobe ColdFusion vulnerability was exploited to steal source code and encrypted customer credit card numbers and passwords from the company’s systems.

The US-based cloud provider announced 12 months ago it would be expanding its data centre presence in Singapore to better serve Australian and other AsiaPac customers.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?