Dreamhost account hacked
I just received word that my FTP account on Dreamhost has been hacked. Some of the stuff was copied, some other stuff maybe even modified. It apparently wasn’t just me or something I did wrong. 3500 other FTP accounts were compromised.
I was already becoming frustrated with them for being slow, but this is way beyond that level of badness. I had some sensitive stuff in there. I feel foolish, but even more I feel angry. Time to really start looking for another host.
Excerpt from the email I received:
We have detected what appears to be the exploit of a number of accounts belonging to DreamHost customers, and it appears that your account was one of those affected.
We’re still working to determine how this occurred, but it appears that a 3rd party found a way to obtain the password information associated with approximately 3,500 separate FTP accounts and has used that information to append data to the index files of customer sites using automated scripts (primarily for search engine optimization purposes).
Our records indicate that only roughly 20% of the accounts accessed - less than 0.15% of the total accounts that we host - actually had any changes made to them. Most accounts were untouched.
June 5th, 2007 at 11:28 pm
I just got that email myself. Yet another embarrassment by Dreamhost. At any rate, this could have major repercussions among the small bloggers in the world who use their hosting.
At any rate, when this first happened last week, it crashed the CMS that managed some of my sites, so I picked it up fairly quickly. At the same time, I was puzzled how someone got my password. I emailed DH, and they assured me it was my software, and in no way their fault.
Ah well, live and learn.
I wrote about it more here: http://www.caydel.com/dreamhost-leaks-3500-ftp-passwords/