US-based hosting firm DreamHost is advising customers to change their passwords following a database breach. The firm warned on late on Friday that hackers had compromised customer FTP/shell access passwords. DreamHost began the process of resetting customer passwords over the weekend, a process that hit a few hiccups along the …
Web panel passwords and email passwords were NOT reset, only shell/ftp passwords - I got the email on Saturday and changed my passwords, not a big deal in the end.
Same here. Had 8 password to reset for a variety of sites - no big deal.
Could be a pig if you had lots of sites.
More than that...
As a DH customer of six years, this latest incident takes the proverbial.
Sites have been on and offline for around a week.
Around the same time this particular issue hit, all my own sites on a private server and shared server went back to DNS ONLY from FULLY HOSTED and had to be hand-crafted from scratch.
Sounds like you've had a lot of bad luck. I've been a customer for 10 years and never had a major problem and any problems I have had were resolved amicably and quickly. Maybe I've just been lucky...
"DreamHost’s database servers was illegally accessed using an exploit that was not previously known or prevented by our layered security systems" Translation: "Our third rate web app that was written by an intern 3 years ago got pwned by an SQL injection"