Rev Customer Databased Hacked?

Andre Garzia andre at andregarzia.com
Mon Jul 11 12:56:43 EDT 2011


Folks,

I am speculating here but if the attacker just go some of the accounts then
it is possible that the attacker hacked into some of the on-rev servers but
not all of them, then, just the users on those machines were compromissed. I
did not change my password, I am still deciding if I will do it or not.

Again, if you have a need for utmost security, you should not be on shared
hosting, you need to me on your own box on co-location with security experts
on payroll. If you are on shared hosts, then, by default, you are subject to
such attacks.

Cheers
andre
PS: I have a lifetime on-rev account and am happy with it. I also have a VPS
(it is as good as I can pay) for more sensitive stuff and I have one or two
linodes.

On Mon, Jul 11, 2011 at 1:42 PM, Marian Petrides <mpetrides at earthlink.net>wrote:

> I am an On-Rev lifetime subscriber but don't recall getting this message.
>  So it must be something else, I guess.
>
> On Jul 11, 2011, at 11:25 AM, Bob Sneidar wrote:
>
> > I have received it. It's probably legit. I don't see any links to a site
> to authenticate, so what would anyone gain by telling you to change your
> password?
> >
> > Bob
> >
> >
> > On Jul 11, 2011, at 6:34 AM, Gregory Lypny wrote:
> >
> >> Hello everyone,
> >>
> >> Have any of you received this message from Heather?  Implications?
> >>
> >> Gregory
> >>
> >>
> >>> Dear Gregory Lypny,
> >>>
> >>> I need to inform you that over the weekend we experienced an attack on
> our customer database. Although we caught this very quickly I regret that
> some information may have been compromised. A small number of accounts were
> affected, unfortunately yours was one of them.
> >>>
> >>> The information concerned includes your name, email address, on-rev
> username and the server you are hosted on. It does not include your
> password, or any postal address or billing information. This information
> alone does not represent a security risk. However, if you have any concerns
> at all that your password for your on-rev account is not secure, you should
> change it immediately. cPanel offers a secure password generator that
> includes numbers and punctuation in a random string, we strongly advise you
> use this service.
> >>>
> >>> We deeply regret this breach of our security procedures.  We felt it
> important to inform you of it as quickly as possible as a precautionary
> measure.
> >>>
> >>> We have already traced and fixed the exploit that made this possible
> and can assure you that the same error will not happen again in the future.
> >>>
> >>>
> >>> Regards,
> >>>
> >>> Heather Nagey
> >>> Customer Services Manager
> >>> http://www.runrev.com/
> >>> LiveCode - Realize fast, compile-free coding
> >> _______________________________________________
> >> use-livecode mailing list
> >> use-livecode at lists.runrev.com
> >> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> >> http://lists.runrev.com/mailman/listinfo/use-livecode
> >
> >
> > _______________________________________________
> > use-livecode mailing list
> > use-livecode at lists.runrev.com
> > Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> > http://lists.runrev.com/mailman/listinfo/use-livecode
>
>
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>



-- 
http://www.andregarzia.com All We Do Is Code.



More information about the use-livecode mailing list