OT: Dreamhost FTP passwords compromissed.

Richard Gaskin ambassador at fourthworld.com
Wed Jun 6 13:49:02 EDT 2007


Jim Sims wrote:

> On Jun 6, 2007, at 7:31 PM, Brent Anderson wrote: 
>> Where did you see this? I have a DH account and obviously I'm
>> concerned about any potential compromise of my data. 
> 
> http://daringfireball.net/
> http://www.extrapepperoni.com/2007/06/06/dreamhost-screwed-the-pooch/
> 
> Quote from the web site above:
> 
> "Dreamhost Hacked ?
> Dreamhost, in a letter to over 3,500 shared hosting customers:
> 
> We're still working to determine how this occurred, but it appears  
> that a 3rd party found a way to obtain the password information  
> associated with approximately 3,500 separate FTP accounts and has  
> used that information to append data to the index files of customer  
> sites using automated scripts (primarily for search engine  
> optimization purposes).
> 
> Sites that were hacked got a bunch of spammy links inserted into  
> their index.php and index.html pages, in an HTML block that started  
> with <u style display: none>. Dave Shea got hacked, as did a bunch of  
> the readers who contributed to his comments. Shea wrote to Dreamhost  
> and their tech support blamed him. Crooked Timber got hacked four  
> days ago."

If you weren't notified by Dreamhost themselves, you may not have cause 
for alarm.  According to posts in their discussion forum, affected users 
were notified by Dreamhost already via email.

Just the same, it is a good reminder that it's smart to change passwords 
periodically.

-- 
  Richard Gaskin
  Fourth World Media Corporation
  ___________________________________________________________
  Ambassador at FourthWorld.com       http://www.FourthWorld.com



More information about the Use-livecode mailing list