Web host Linode resets all user passwords after suspected breach

Web hosting provider Linode has reset the account passwords of all its customers following what it suspects was an intrusion on its internal database.

The mass credential reset comes just after the cloud firm suffered a sustained DDoS attack beginning on Christmas Day.

Linode has issued a security advisory confirming that it still has no idea who is behind the hacks, or whether the same perpetrator is responsible for both incidents.

“You may be wondering if the same person or group is behind these malicious acts. We are wondering the same thing.

“At this point we have no information about who is behind either issue. We have not been contacted by anyone taking accountability or making demands,” the company posted on its website earlier today.

Linode was alerted to the latest breach when it found two sets of user credentials on an external machine, as a result of an investigation into a set of unauthorised logins.

“This implies user credentials could have been read from our database, either offline or on, at some point,” it said.

“We have found no other evidence of access to Linode infrastructure, including host machines and virtual machine data.”

The reset took effect earlier this morning Australian time, and means customers will need to set a new password during their next login.

The company has contracted a security firm to investigate the breach and said US law enforcement is also looking into both the DDoS case and the suspected hack.

The latest attack comes two years after an unpatched Adobe ColdFusion vulnerability was exploited to steal source code and encrypted customer credit card numbers and passwords from the company’s systems.

The US-based cloud provider announced 12 months ago it would be expanding its data centre presence in Singapore to better serve Australian and other AsiaPac customers.